Microsoft Windows Snipping Tool Vulnerability

Published On: March 27, 2023Categories: Cyber Alerts

In today’s SensCy Cyber Alert, your SensCy team recommends Microsoft Windows 10 and Windows 11 users to install the latest security update immediately.

This vulnerability, now tracked as CVE-2023-28303, also called Acropalypse vulnerability, is caused by image editors not properly removing cropped image data when overwriting the original file. Meaning that when taking a screenshot and cropping sensitive information (account number, PII), the cropped image were not removed from the original file, that could be recovered by someone who has access to the complete image file.

After installing the latest update, the Snipping tool will be version 11.2302.20.0 for Windows 11, and Windows 10 Snip & Sketch will be version 10.2008.3001.0.

To install the security updates:

  • open the Microsoft Store and go to Library > Get Updates, and the latest version of the Windows Snipping Tool will be automatically installed.

Feel free to reach out to your client advocate for additional support.

Related Posts

  • September 22, 2023

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team urges Apple product users to install the new updates immediately. The new update remediates THREE new zero-day [...]

  • September 12, 2023

    Categories: Cyber Alerts

    In today’s SensCy Cyber Brief, your SensCy team reviewed Microsoft’s latest series of patches released on Tuesday, September 12, 2023. Today’s Patch Tuesday comes with [...]

  • September 12, 2023

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team recommends Google Chrome Browser users to install the new Chrome Version immediately. Google announced a new update [...]