Skip to main content

Your Windows 11 screenshots may not be as private as you thought

When you capture a screenshot and crop out sensitive information, it’s still possible to recover a portion of the image that was supposedly removed in some circumstances.

This isn’t the first time redacted documents have turned out to have left hidden data intact and readable with the right tools and knowledge. A recent bug in Google’s Markup tool for the Pixel phone, humorously dubbed the “Acropalypse,” shows this issue might be surprisingly common.

In a comment on the tweet about the Pixel bug, Chris Blume shared a similar discovery about the Windows Snipping Tool. A PNG image that requires 198 bytes grows to a much larger 4.7kB file when saved over an existing image. When saved as a new file, it increases by only 56 bytes, probably adding some metadata.

I've got a fun one for you all to look at.

I opened a 198 byte PNG with Microsoft's Snipping Tool, chose "Save As" to overwrite a different PNG file (no editing), and saves a 4,762 byte file with all that extra after the PNG IEND chunk.

Sounds similar :D

— Chris Blume (@ProgramMax) March 21, 2023

The implication is that Windows Snipping Tool overwrites files without reallocating storage. Instead, the new image data overwrites the existing file, followed by an end-of-file marker, and the rest of the old content remains.

While this might not sound like a common occurrence, consider the scenario Bleeping Computer described. You take a screenshot with the Windows Snipping Tool and save it. Realizing some sensitive data is visible, you crop it out and save over the original file.

In a Windows File Explorer preview pane and the Photos app, it looks like the crop is successful. In truth, the file size will be the same as that of the uncropped version, and parts of the old image are still there.

It isn’t easy to see the old data, but not that hard if you are looking for it and have some developer tools or a specialized app made to take advantage of this vulnerability.

Microsoft is aware of the issue and is currently investigating. In the meantime, you can protect yourself by cropping with the Photos app or other Windows photo editor. You can keep using the Snipping Tool safely if you save cropped screenshots as new files instead of overwriting existing data.

Alan Truly
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
The next Windows 11 update may seriously slow down your SSD
Windows 11 logo on a laptop.

Microsoft may be rolling out a new feature as part of the latest Windows 11 update that will boost security but slow down SSD performance. We're talking about BitLocker, of course, a device encryption feature that will be turned on by default as part of the upcoming 24H2 update.

In the past, BitLocker encryption was available only on Windows Pro editions, but the new update lowers the eligibility criteria, extending encryption capabilities to a broader range of devices.

Read more
You definitely want to install these 90 Windows security patches
Microsoft Surface Laptop Go 3 rear view showing lid and logo.

Microsoft has issued security updates to address 90 vulnerabilities, some of which hackers are actively exploiting, in a blog post yesterday. These flaws allow hackers to bypass security features and gain unauthorized access to your PC's system, highlighting the need to keep your Windows computer updated.

Nine are rated Critical, 80 of the flaws are rated Important, and only one is rated Moderate in severity. In addition, the software giant has patched 36 vulnerabilities in its Edge browser in the past month to avoid issues with its browser. Users will be happy to know that the patches are for six actively exploited zero-days, including CVE-2024-38213. This lets attackers bypass SmartScreen protections but requires the user to open a malicious file. TrendMicro's Peter Girnus, who discovered and reported the flaw, proposed it could be a workaround for CVE-2023-36025 or CVE-2024-21412 that DarkGate malware operators misused.

Read more
PC gamers still prefer Windows 10 over Windows 11
A man stands in front of a gaming PC.

Windows 11 saw a decline in the latest Steam hardware and software survey for July 2024. According to Valve's data, gamers using Microsoft's newer operating system dropped below the 46% threshold. Currently, Windows 11 accounts for approximately 45.81% of all Windows users on Steam, marking a decrease of 0.82% from the previous month.

In contrast, Windows 10 experienced an increase of 0.74%, reaching a 50.16% share. Although gaming performance is generally similar on both operating systems, a recent test by Hardware Unboxed reveals that Windows 10 may offer better performance in certain titles due to the core isolation feature, where memory integrity is enabled by default on Windows 11.

Read more