Microsoft Issues Fix for aCropalypse Bug That Could Leak Bank Data, Medical Records from Cropped Screenshots

The aCropalypse bug was first spotted on Pixel smartphones and affected image cropping of both screenshots on the phones, it was dubbed 'aCropcalypse'.

Written by Radhika Parashar, Edited by David Delima | Updated: 28 March 2023 09:33 IST

Microsoft Issues Fix for aCropalypse Bug That Could Leak Bank Data, Medical Records from Cropped Screenshots

Photo Credit: Reuters

Microsoft has asked Windows users to install the update immediately

Highlights

The vulnerability was spotted recently
Microsoft seemingly took a quick step to release the fix
Previously, a similar issue had affected Google Pixel devices

Microsoft has released an emergency update to Windows that fixes a privacy-threatening bug dubbed ‘aCropalypse'. This bug could potentially allow details that were cropped out of images by the Windows screenshot tool to be recovered by any user. The issue prevented information cropped out from screenshots from being removed from the source image, allowing it to be retained in the file and recovered at a later date. The details at risk could have included sensitive information like bank card details, medical records, phone numbers, as well as social security information.

First detected on Pixel smartphones and dubbed "aCropalypse", the CVE-2023-28303 vulnerability meddled with the image cropping tool on Pixel smartphones for screenshots. Researchers then found a similar flaw on the screenshot tool for Windows, after which Microsoft has issued an update for the operating system.

Microsoft has asked users to deploy the update immediately to prevent the disclosure of any personal information that could be accompanying images, according to a Bleeping Computer report.

Samsung Galaxy Z Fold 5 Concept Video Hints at Galaxy S23-Like Design

To install the fix, Windows users need to visit the Microsoft Store and select Get Updates on the Library section located on the left of the screen. This is not the first time that such a vulnerability has been discovered on a popular and widely used tool. Previously, the Google Pixel phones had encountered a similar issue.

It is worth noting that Microsoft was quite swift in taking an action against the bug. In February, the company rolled out a major update for Windows 11, integrating the new AI-powered Bing search engine with the Windows 11 taskbar.

Kokomo Finance Disappears, Rug Pull Scam Worth Over $4 Million Suspected

Making inroads in the Web3 sector, Microsoft is also testing support for a crypto wallet on its Edge browser. This wallet has been built on the Ethereum blockchain and it is expected to be a part of Edge in a future update. As part of its functionality, this digital wallet could allow users to store and hold Ether tokens and other Ethereum-based cryptocurrencies, as per the report.

Realme might not want the Mini Capsule to be the defining feature of the Realme C55, but will it end up being one of the phone's most talked-about hardware specifications? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Microsoft, aCropalypse

Radhika Parashar

Email Radhika

Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More