Microsoft Windows Snipping Tool Vulnerability

Published On: March 27, 2023Categories: Cyber Alerts

In today’s SensCy Cyber Alert, your SensCy team recommends Microsoft Windows 10 and Windows 11 users to install the latest security update immediately.

This vulnerability, now tracked as CVE-2023-28303, also called Acropalypse vulnerability, is caused by image editors not properly removing cropped image data when overwriting the original file. Meaning that when taking a screenshot and cropping sensitive information (account number, PII), the cropped image were not removed from the original file, that could be recovered by someone who has access to the complete image file.

After installing the latest update, the Snipping tool will be version 11.2302.20.0 for Windows 11, and Windows 10 Snip & Sketch will be version 10.2008.3001.0.

To install the security updates:

  • open the Microsoft Store and go to Library > Get Updates, and the latest version of the Windows Snipping Tool will be automatically installed.

Feel free to reach out to your client advocate for additional support.

Related Posts

  • April 19, 2023

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team recommends Google Chrome Browser users to install the new Chrome Version immediately. Google Chrome released an out-of-band [...]

  • April 10, 2023

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team urges Apple product users to install the new updates immediately. The new update remediate TWO zero-day vulnerabilitIes [...]

  • April 5, 2023

    Categories: Cyber Alerts

    In today’s SensCy Cyber Alert, your SensCy team recommends Google Chrome Browser users to install the new Chrome Version immediately. Google Chrome released Chrome 112, [...]