Dangerous ‘acropalypse’ bug in Windows Snipping Tool fixed in emergency security update — install it now

Share

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Microsoft has released an emergency security update for both Windows 10 and Windows 11 which addresses a dangerous bug in its Snipping Tool utility.

The bug has been dubbed ‘acropalypse’ (tracked as CVE-2023-2803) and occurs when image editors like the search giant’s Snipping Tool doesn’t properly remove cropped image data when overwriting the original file according to BleepingComputer.

After testing a fix for the bug in its Windows Insider Canary channel, Microsoft has now publicly released a fix for both the Snip & Sketch app in Windows 10 and the Snipping Tool program in Windows 11. The company is urging Windows users to apply the update now to patch the acropalypse vulnerability.

Once installed, Windows 11 Snipping Tool will be version 11.2302.20.0 while Windows 10 Snip & Sketch will be version 10.2008.3001.0. 

What is the acropalypse flaw and how does it work?

Although it is now affecting Windows PCs, the acropalypse flaw was first found on Pixel Phones inside Google’s Pixel Markup tool. 

Discovered by security researchers David Buchanan and Simon Aarons, the acropalypse flaw causes an image’s original data to be retained even after it has been edited or cropped. The danger here is that if a user shares a picture of something sensitive like their credit card with its number redacted via image cropping, it may be possible to partially recover the original photo.

To show how the acropalypse bug could be exploited by an attacker, Buchanan and Aarons created an online screenshot recovery tool that tries to recover edited images created on a Google Pixel phone like the Pixel 7 or Pixel 7 Pro.

The impact of the acropalypse bug is quite large, with security researchers telling BleepingComputer that more than 4,000 images hosted on VirusTotal are affected. However, on image hosting websites, the number of images affected by the bug is likely even higher.

How to protect your Windows PC from this dangerous flaw

Now that Microsoft has rolled out an emergency security update to patch this issue, it’s up to you to install it.

To do so, you first need to open the Microsoft Store and go to Library and then to Get Updates. Clicking on the button will install the latest version of the Windows Snipping Tool or Snip & Sketch automatically on your PC.

After patching the acropalypse flaw, you might want to take some time to further secure your PC from the latest threats. Besides updating Windows Defender and ensuring it’s enabled on your computer, you may also want to install one of the best antivirus software programs for additional protection.

When it comes to keeping your photos and other images safe, you can use the best cloud storage to keep an extra copy of them in the cloud or even one of the best cloud backup services to automate this process.

Even though the acropalypse flaw is considered dangerous, Microsoft has classified the vulnerability as “Low” severity due to the fact that it "requires uncommon user interaction and several factors outside of an attacker's control” to exploit. Still, keeping your PC updated is one of the best ways to protect your devices and your data from hackers.

More from Tom's Guide

• Hackers are stealing Gmail messages — delete this extension right now
• Windows 11 users hit with annoying security warning bug
• Macs under attack from new malware that steals passwords