Earlier this week, programmer and “accidental security researcher”Simon Aarons reported a bug in the Google Markup screenshot editing tool for Pixel phones. The bug, dubbed “acropalypse”, allows you to partially restore the content that you cut out of the Android screenshot, which can be a problem if you cut out sensitive information.
Aaron’s employee David Buchanan reported today that a similar bug is affecting the Snipping Tool app in Windows 11. According to Bleeping Computer, which was able to check for the bug, all PNG files have an “IEND”data fragment that tells the software where the image file ends. A screenshot cropped with the Snipping Tool and then saved over the original (the default behavior) adds a new IEND fragment to the PNG image, but leaves a bunch of original screenshot data after the IEND fragment.
Buchanan says that a “slightly modified”version of the acrocalypse script can be used to read and reconstruct this data, partially restoring the portion of the image you cropped from the original screenshot. Buchanan “sticks to publishing “Windows-compatible versions of these scripts because Microsoft (unlike Google) didn’t have time to fix the vulnerability.
Buchanan says the issue also affects Windows 10’s “Snip and Sketch”tool, the application that became the basis for the new Windows 11 Snipping Tool. The old Windows Vista era Snipping Tool, which is still included as a standalone application in Windows 10, is not affected by this error.
Microsoft told Bleeping Computer that it is “investigating”the issue. At the same time, there are workarounds – re-saving the cropped image with another photo editing application completely removes the data from the end of the file. While the Snipping Tool does leave data at the end of cropped JPEG files, the current exploits only work on PNG images, not JPEGs.