Partager:

JAKARTA - Microsoft has just released a pair of updates in Windows 10 and 11 to fix vulnerabilities in screenshot editing, dubbed aCropalypse.

This security flaw can make hackers recover parts of the screenshot that has been edited, potentially revealing personal information that has been cut or hidden.

The company began testing fixes for vulnerabilities earlier this week shortly after being discovered by retired software engineer Chris Blume.

Microsoft started rolling out a public update for the Snipping Tool Windows 11 as well as the Snip & Sketch Windows 10 app on Friday last week.

If users have got this update, they can manually request Windows to patch the application used by opening the Microsoft Store then clicking the Library, followed by Get Updates. Microsoft recommends all users install updates.

This vulnerability only applies to images that have been taken, stored, edited, and then stored in the original file, as well as those opened on Snipping Tool, edited, and then stored in the same location.

The vulnerability does not affect the screenshot that has been changed before storing it and also does not affect copied and pasted screenshots to, for example, an email or document body.

Launching The Verge, Monday, March 27, Microsoft first learned of the issue early last week, then Blume, who is also the head of the working group for the PNG image format, took it to David Buchanan and Simon Aarons, the security researcher who once found aCropalypse vulnerability as well as in Google Pixel's Markup tool.

In that case, hackers have the ability to reverse changes made to screenshots, so they can disclose personal information in images that a person says are hidden, either by cutting or crossed them out.

Just like the patch released by Google, Microsoft changes will not update edited or posted screenshots online, potentially leaving thousands of screenshots on the web that hackers can exploit.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)