Microsoft has released an emergency update to Windows that fixes a privacy-threatening bug dubbed ‘aCropalypse'. This bug could potentially allow details that were cropped out of images by the Windows screenshot tool to be recovered by any user. The issue prevented information cropped out from screenshots from being removed from the source image, allowing it to be retained in the file and recovered at a later date. The details at risk could have included sensitive information like bank card details, medical records, phone numbers, as well as social security information.
First detected on Pixel smartphones and dubbed "aCropalypse", the CVE-2023-28303 vulnerability meddled with the image cropping tool on Pixel smartphones for screenshots. Researchers then found a similar flaw on the screenshot tool for Windows, after which Microsoft has issued an update for the operating system.
Microsoft has asked users to deploy the update immediately to prevent the disclosure of any personal information that could be accompanying images, according to a Bleeping Computer report.
To install the fix, Windows users need to visit the Microsoft Store and select Get Updates on the Library section located on the left of the screen. This is not the first time that such a vulnerability has been discovered on a popular and widely used tool. Previously, the Google Pixel phones had encountered a similar issue.
It is worth noting that Microsoft was quite swift in taking an action against the bug. In February, the company rolled out a major update for Windows 11, integrating the new AI-powered Bing search engine with the Windows 11 taskbar.
Making inroads in the Web3 sector, Microsoft is also testing support for a crypto wallet on its Edge browser. This wallet has been built on the Ethereum blockchain and it is expected to be a part of Edge in a future update. As part of its functionality, this digital wallet could allow users to store and hold Ether tokens and other Ethereum-based cryptocurrencies, as per the report.
from Gadgets 360 https://ift.tt/YNi3gHa
No comments:
Post a Comment