{"id":622514,"date":"2023-03-27T09:49:18","date_gmt":"2023-03-27T14:49:18","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/03\/27\/microsoft-pushes-out-an-emergency-fix-for-the-dangerous-acropalypse-bug\/"},"modified":"2023-03-27T09:49:18","modified_gmt":"2023-03-27T14:49:18","slug":"microsoft-pushes-out-an-emergency-fix-for-the-dangerous-acropalypse-bug","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/03\/27\/microsoft-pushes-out-an-emergency-fix-for-the-dangerous-acropalypse-bug\/","title":{"rendered":"Microsoft pushes out an emergency fix for the dangerous &#8216;acropalypse&#8217; bug"},"content":{"rendered":"<article aria-label=\"article\" data-id=\"WEZbTS8cb4it8HggeWVcmj\">\n<header>\n<nav aria-label=\"Breadcrumbs\">\n<ol>\n<li>\n<a href=\"https:\/\/www.techradar.com\" aria-label=\"Return to Home\">Home<\/a>\n<\/li>\n<li>\n<a href=\"https:\/\/www.techradar.com\/news\" aria-label=\"Return to News\">News<\/a>\n<\/li>\n<li>\n<a href=\"https:\/\/www.techradar.com\/computing\" aria-label=\"Return to Computing\">Computing<\/a>\n<\/li>\n<\/ol>\n<\/nav>\n<\/header>\n<section>\n<div itemprop=\"image\" itemscope itemtype=\"https:\/\/schema.org\/ImageObject\">\n<div>\n<picture><source type=\"image\/webp\" alt=\"Screenshot of the Microsoft Store on Windows 11\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\"><source type=\"image\/jpeg\" alt=\"Screenshot of the Microsoft Store on Windows 11\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\"><img decoding=\"async\" src=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS-320-80.jpg\" alt=\"Screenshot of the Microsoft Store on Windows 11\" onerror=\"if(this.src &#038;&#038; this.src.indexOf('missing-image.svg') !== -1){return true;};this.parentNode.replaceChild(window.missingImage(),this)\"   data-original-mos=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\" data-pin-media=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\"><\/picture>\n<\/div>\n<p><meta itemprop=\"url\" content=\"https:\/\/cdn.mos.cms.futurecdn.net\/fP9xbWGfSK9RFjmj8dXbqS.jpg\"><br \/>\n<meta itemprop=\"height\" content=\"600\"><br \/>\n<meta itemprop=\"width\" content=\"338\"><figcaption itemprop=\"caption description\">\n<span>Head to the Microsoft Store to get the fix<\/span><br \/>\n<span itemprop=\"copyrightHolder\">(Image credit: Future)<\/span><br \/>\n<\/figcaption><\/div>\n<div id=\"article-body\">\n<p>Microsoft has acted swiftly to patch up the worrying &#8216;acropalypse&#8217; bug that <a href=\"https:\/\/www.techradar.com\/news\/the-windows-11-cropping-tool-shares-a-google-pixel-security-flaw\">we reported on<\/a> earlier this week \u2013 a bug that could enable information cropped out of images by the Windows screenshot tools to be recovered.<\/p>\n<p>As per <a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-pushes-oob-security-updates-for-windows-snipping-tool-flaw\/\" target=\"_blank\" data-url=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-pushes-oob-security-updates-for-windows-snipping-tool-flaw\/\" rel=\"noopener\">BleepingComputer<\/a><span> (opens in new tab)<\/span>, Microsoft has now issued an OOB (out-of-band or emergency) update that fixes the issue, which has the technical designation of CVE-2023-28303. Microsoft is recommending that users apply the update at their earliest opportunity, as you might expect.<\/p>\n<p>Applying the update isn&#8217;t difficult at all: from the Microsoft Store, click the Library icon on the left, then pick Get updates (top right). This should force the patch to be applied, if it hasn&#8217;t already been automatically installed.<\/p>\n<h2 id=\"carry-on-cropping\">Carry on cropping<\/h2>\n<p>The bug \u2013 which is similar to one that has affected the Markup feature <a href=\"https:\/\/www.techradar.com\/news\/this-google-pixel-flaw-could-let-hackers-undo-all-your-photo-cropping\">on Google Pixel phones<\/a> \u2013 means that images and screenshots cropped in the Windows 11 Snipping Tool and the Windows 10 Snip and Sketch tool could be compromised.<\/p>\n<p>Essentially, the CVE-2023-28303 vulnerability means that parts of a PNG or JPEG image that have been cropped out aren&#8217;t properly removed from the file after it&#8217;s saved again. Those cropped sections could include sensitive information such as bank account details or medical records, for example.<\/p>\n<p>It&#8217;s important to note that applying the patch won&#8217;t fix any files that have already been cropped, only ones that are edited in the future. You&#8217;ll need to recrop any existing images to be sure the excess parts of the picture have been properly removed.<\/p>\n<hr>\n<h2 id=\"analysis-a-quick-fix-for-a-worrying-bug\">Analysis: a quick fix for a worrying bug<\/h2>\n<p>At first, the opportunity of recovering cropped out parts of images may not seem like a particularly terrible security vulnerability \u2013 after all, who cares if someone manages to add back in some empty sky that you&#8217;ve removed from one of your vacation photos?<\/p>\n<p>There are lots of reasons that images are cropped though, as tech journalists know all too well. Personal information such as email addresses, bank account numbers and contact names need to be cut out of pictures before they&#8217;re shared widely on the internet.<\/p>\n<p>With so many of us sharing so many of our photos with other people and on the web at large, it&#8217;s crucial from a security perspective that these images don&#8217;t reveal more than we want them too \u2013 something which was a problem with CVE-2023-28303.<\/p>\n<p>Microsoft has at least acted quickly to get the fix tested and then applied \u2013 but it&#8217;s a concern that this same bug has appeared completely separately in software from both Microsoft and Google in recent days.<\/p>\n<ul>\n<li><a href=\"https:\/\/www.techradar.com\/news\/best-internet-security-suites\">The best internet security suites you can buy<\/a><\/li>\n<\/ul>\n<\/div>\n<div data-hydrate=\"true\" data-reactroot id=\"slice-container-newsletterForm-articleInbodyContent\">\n<section>\n<p>Sign up to receive daily breaking news, reviews, opinion, analysis, deals and more from the world of tech.<\/p>\n<\/section>\n<\/div>\n<div data-reactroot id=\"slice-container-authorBio\">\n<p>Dave is a freelance tech journalist who has been writing about gadgets, apps and the web for more than two decades. Based out of Stockport, England, on TechRadar you&#8217;ll find him covering news, features and reviews, particularly for phones, tablets and wearables. Working to ensure our breaking news coverage is the best in the business over weekends, David also has bylines at Gizmodo, T3, PopSci and a few other places besides, as well as being many years editing the likes of PC Explorer and The Hardware Handbook.<\/p>\n<\/div>\n<\/section>\n<p><a href=\"https:\/\/www.techradar.com\/news\/microsoft-pushes-out-an-emergency-fix-for-the-dangerous-acropalypse-bug\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Dion Wiers<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Home News Computing Head to the Microsoft Store to get the fix (Image credit: Future) Microsoft has acted swiftly to patch up the worrying &#8216;acropalypse&#8217; bug that we reported on earlier this week \u2013 a bug that could enable information cropped out of images by the Windows screenshot tools to be recovered.As per BleepingComputer (opens<\/p>\n","protected":false},"author":1,"featured_media":622515,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[78,2646,46],"tags":[],"class_list":{"0":"post-622514","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-microsoft","8":"category-pushes","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/622514","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=622514"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/622514\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/622515"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=622514"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=622514"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=622514"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}