A severe privacy flaw named ‘acropalypse’ has been found to affect the Windows Snipping Tool, allowing people to partially recover content that was edited out of an image.
Previously, security researchers had discovered that a bug in Google Pixel’s Markup Tool caused the original image data to be retained even if it was edited or cropped out.
This flaw poses a significant privacy concern: if a user shares a picture, such as a credit card with a redacted number or a revealing photo with the face removed, it may be possible to partially recover the original photo.
When a user opens a file in the Windows 11 Snipping Tool and overwrites an existing file, the tool leaves any unused data behind instead of truncating it, allowing that data to be partially recovered.
Microsoft are currently investigating the problem; however, users should be aware of the flaw.