Microsoft is releasing a patch against the Snipping Tool vulnerability

We reported a vulnerability in the Google Pixel encoder. Short version: Screenshots cropped using the in-house markup tool and then shared had a little secret on board – namely the rest of the content, which should not be visible after cropping. Hidden parts can be shown and thus secrets revealed. Everything was called “acropalypse”.

Shortly thereafter, it was revealed that the Windows Snipping Tool (German name: cut and draw), that is, the internal tool for creating screenshots under Windows 11, also has this gap (also Snip & Sketch from Windows 10).

Microsoft has now released an update to address this gap. The gap is shown below CVE-2023-28303, “Windows Snipping Tool information disclosure vulnerability”. For Snipping Tool installed on Windows 11, app versions 11.2302.20.0 and later include this update. Users can manually ask Windows to patch the app they’re using by opening the Microsoft Store and clicking Library, then Get updates. Microsoft recommends that all users install updates.

See also  Found a new edition publisher

Leave a Reply

Your email address will not be published.