Pixel phone vulnerabilities exist in both Win11 and Win10 operating systems: edited pictures can be partially restored

Two engineers, Simon Aaarons and David Buchanan, recently discovered the security vulnerability aCropalypse in Pixel’s native image editing tool Markup through reverse engineering, which can restore the original image information after coding and trimming operations.

The above picture is the screenshot information after recovery, with a rendering error at the top

Buchanan said in the latest tweet that the native Windows Snipping Tool of Microsoft Win11 system, The native "Snip & Sketch" screenshots in Win10 system also have aCropalypse vulnerability. By changing the image format from RGB to RGBA, the original image information after the trimming operation can also be restored.

From the test of foreign technology media bleepingcomputer, we found that after trimming the picture, the size of the edited picture has not changed, and the picture information can be partially restored.

The picture on the left is the original picture, and the picture on the right is the picture after trimming

The size of the two pictures is exactly the same Same

Part of the screenshot information can be recovered through this vulnerability

The above is the detailed content of Pixel phone vulnerabilities exist in both Win11 and Win10 operating systems: edited pictures can be partially restored. For more information, please follow other related articles on the PHP Chinese website!