PT-2023-1976 · Google · Google Pixel

Chris Blume


·

Published

2023-03-23

·

Updated

2026-01-26

·

CVE-2023-28303

CVSS v3.1

3.3

Low

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Windows Snipping Tool (Windows 11) versions prior to 11.2302.20.0
Windows 10 Snip & Sketch versions prior to 10.2008.3001.0
Description
The vulnerability stems from the way the editor saves an edited image over its original file: the new, smaller file is written into the existing file without truncating it, so the bytes of the original that lie beyond the end of the new file (after the PNG IEND chunk) remain on disk. When a user takes a screenshot and crops out confidential information before publishing it, the expected effect is that the cropped data is gone once the image is saved, but it is not; the leftover tail of the original can be partially recovered by anyone who obtains the file. Researchers found that both the Google Pixel Markup tool and the Windows Snipping Tool leave the cropped data in the saved file, which may disclose information the user intended to hide. The number of publicly available images affected may be significant: over 4000 were found on VirusTotal alone.
Recommendations
For the Windows Snipping Tool (Windows 11), update to version 11.2302.20.0 or later. For Windows 10 Snip & Sketch, update to version 10.2008.3001.0 or later. Updating the editor does not repair images that were already saved and shared: treat any screenshot cropped with an earlier version as possibly containing recoverable data, and before publishing it either re-export it from a clean copy or strip everything that follows the IEND chunk.
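To make the save defect described above concrete, and to give the check recommended for already-saved screenshots, here is an added Python example. It is not code from this advisory, Microsoft or Google: it builds two constructed PNGs, overwrites the larger with the smaller through a hypothetical non-truncating save that stands in for the editors' real file handling, shows the corrected truncating save beside it, and runs the triage check a practitioner wants, namely whether any bytes follow the IEND chunk.

```python
import os
import random
import struct
import tempfile
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def _chunk(ctype: bytes, body: bytes) -> bytes:
    """Encode one PNG chunk: length, type, data, CRC over type+data."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


def make_png(width: int, height: int, seed: int) -> bytes:
    """Constructed sample: a valid 8-bit RGB PNG filled with seeded noise so its
    size scales with its dimensions (a solid colour would compress to nothing)."""
    rng = random.Random(seed)
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    raw = b"".join(
        b"\x00" + bytes(rng.getrandbits(8) for _ in range(width * 3))  # filter 0 + RGB row
        for _ in range(height)
    )
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw, 9)) + _chunk(b"IEND", b"")


def png_end_offset(data: bytes) -> int:
    """Walk the chunk list and return the offset just past IEND's CRC, or -1 if
    the signature is missing or IEND is never reached."""
    if not data.startswith(PNG_SIG):
        return -1
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        pos += 8 + length + 4
        if ctype == b"IEND":
            return pos if pos <= len(data) else -1
    return -1


def trailing_data(data: bytes) -> bytes:
    """Bytes after the IEND chunk. A cleanly written PNG has none; a file saved
    by a non-truncating editor carries the tail of the previous image here."""
    end = png_end_offset(data)
    return b"" if end < 0 else data[end:]


def save_without_truncate(path: str, new_png: bytes) -> None:
    """Models the faulty save (hypothetical stand-in for the editors' real file
    APIs): open the existing file read/write, do not truncate, write the new
    shorter image. Old bytes beyond the new length survive."""
    with open(path, "r+b") as f:
        f.write(new_png)


def save_with_truncate(path: str, new_png: bytes) -> None:
    """The corrected save: 'wb' truncates the file to zero length before writing."""
    with open(path, "wb") as f:
        f.write(new_png)


def demo() -> dict:
    """Write a large 'original' screenshot, overwrite it with a small 'crop'
    both ways, and report what the trailing-data check sees in each result."""
    original = make_png(64, 64, seed=1)
    cropped = make_png(16, 16, seed=2)
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "screenshot.png")
        with open(path, "wb") as f:
            f.write(original)
        save_without_truncate(path, cropped)
        with open(path, "rb") as f:
            buggy = f.read()
        with open(path, "wb") as f:
            f.write(original)
        save_with_truncate(path, cropped)
        with open(path, "rb") as f:
            fixed = f.read()
    return {
        "original": original,
        "cropped": cropped,
        "buggy_file": buggy,
        "fixed_file": fixed,
        "buggy_trailing": trailing_data(buggy),
        "fixed_trailing": trailing_data(fixed),
    }


if __name__ == "__main__":
    r = demo()
    print(f"original {len(r['original'])} B, cropped {len(r['cropped'])} B")
    print(f"non-truncating save leaves {len(r['buggy_trailing'])} B after IEND")
    print(f"truncating save leaves {len(r['fixed_trailing'])} B after IEND")
```

The trailing-data check is the triage step for screenshots already produced with an affected version: any bytes after IEND are leftover content from the previous save and the file should not be published as is. Turning that tail back into readable pixels requires reconstructing the cut-off compressed image stream, which is a separate step not shown here.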

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2023-01599
CVE-2023-28303

Affected Products

Google Pixel
Windows 10 Snip & Sketch
Windows Snipping Tool