Microsoft has acted quickly and released an update for the Windows Snipping Tool that fixes a vulnerability exposing data in cropped images. Recent versions of Microsoft's Snipping Tool for Windows 11 and Snip & Sketch for Windows 10 were found to keep data from cropped and saved screenshots in the file, possibly leading to unwanted sharing of information.
The update is available for Windows Insiders in the Canary Channel as version 11.2302.20.0 and can be downloaded from the Microsoft Store or sideloaded from other sources (at your own risk).
The Snipping Tool has been around since Windows Vista and has been updated for Windows 11 with a new design and features.
Cropped Information Could Be Recovered
The major flaw discovered some days ago could expose sensitive data that you cropped out of your screenshots. Security researchers found that the cropped parts of images were not actually deleted from the files, but remained as extra data after the PNG “IEND” chunk.
This means anyone who got access to your screenshots could recover the cropped parts using some tools or scripts and see what you didn't want them to see. For example, someone could still retrieve that information from your file if you took a screenshot of your bank account and cropped out your balance or account number before sharing it online.
This vulnerability was similar to another one found in Google Pixel phones' screenshot tool, which was dubbed “Acropalypse” by some media outlets. Both issues raised serious privacy concerns for users who relied on these tools to capture and share information online.
How to See if You Are Affected
If you have the unpatched version of Snipping Tool, you will notice that both files, the original and the cropped one, have the same size despite being cropped differently. If you have the patched version, you will see that the cropped file has a smaller size than the original one.
It's not clear when Microsoft will roll out this update to all Windows 11 users, but we hope they do it soon because this is a serious security issue that affects many people who use Snipping Tool regularly.
So if you're one of those people who use Snipping Tool frequently, make sure you update it as soon as possible or switch to another tool until then, such as ShareX. You never know who might get their hands on your screenshots and what they might do with them.