'Acropalypse' Privacy Flaw Strikes Windows 11 Snipping Tool, What You Need To Know

When you delete something, you would naturally expect it to stay deleted. With the "acropalypse" bug, all bets are off. Security researchers discovered last week that Google's Pixel phones would retain data from cropped screenshots, allowing the cropped sections to be recovered. Now, it sounds like there's an almost identical bug in Windows 11.

On Twitter, software engineer Chris Blume reported that he was able to trigger a similar bug with the Windows 11 Snipping Tool. If you use the Snipping Tool to overwrite an existing file, the program doesn't truncate unused data as it should. The PNG file specification calls for these images to end with an 'IEND' data chunk, but the excess data from the pre-edited image remains after it, giving anyone with access to the file a shot at recovering the original. The tool does something similar with JPEG files, but the acropalypse flaw doesn't currently work on JPEGs. The team behind the original acropalypse discovery believes there might be a way to recover that data, though.


Most image viewers ignore the excess data, so you likely wouldn't even realize there's more data hiding in your cropped files, and yet, it's relatively easy to recover some of it. David Buchanan and Simon Aarons created an online tool to recover data from cropped Pixel images, but it does not currently work with Windows pictures. However, Buchanan provided BleepingComputer with a Python script that accomplished the same thing. In the example below, they successfully recovered the bottom half of an image that was cropped to just show a single icon.

The bottom of the original uncropped image was recoverable thanks to the flaw (Credit: BleepingComputer)

This is a serious security issue because people often crop and edit images to remove personal information. The Snipping Tool has brushes, highlighting, and other tools that one might use to obscure important details from an image. However, you might end up leaving the original available to anyone who knows how to recover it. We will note that this only appears to apply to the crop tool within the Snipping Tool and that screenshot snippets captured with the rectangular selection tool appear to be safe.

Since the flaw exists in the Snipping Tool, you can open and save the affected files in another program (e.g. Photoshop), and the extraneous data after the IEND block will be purged. Presumably, Microsoft will issue a patch for the Snipping Tool in the future. Until then, be careful what you crop.

Top Image Credit: BleepingComputer