Microsoft has released a couple of emergency updates to address the “aCropalypse” security flaw found in its native Windows 10 and 11 screenshot editing apps. The company reportedly began testing a fix for the vulnerability earlier this week, shortly after it was released.
On Friday night, Microsoft began rolling out public updates to the Windows 11 Snipping Tool as well as the Windows 10 Snip & Sketch app. You can manually prompt Windows to patch the app you use by opening the Microsoft Store and clicking “Library”, followed by “Get updates”. Microsoft recommends that all users install the updates.
The aCropalypse flaw was first discovered in , and subsequently addressed by Google in the recent March Android security update. In the case of the Windows 11 Snipping Tool, it turned out that the utility was not correctly overwriting the clipped PNG data. The issue did not affect all PNG files, but the concern was that bad actors could exploit the vulnerability to partially recover edited images, particularly those that had been cropped to omit sensitive information. As with Google’s March Android update, Microsoft’s patches won’t protect images that were previously created with its screenshot tools.