Information security experts have discovered that the aCropalypse vulnerability, which allows restoring the original image edited on a Google Pixel device (using the Markup tool), is turning into a 0-day for Windows.

Let me remind you that we also wrote that YouTube Video Causes Pixel Smartphones to Reboot, and also that Information Security Specialists Discovered a 0-day Vulnerability in Windows Search.

Also information security specialists reported that the Google Pixel bug prevented users from calling 911.

It turned out that the aCropalypse bug also works for images cropped using the Windows Snipping Tool, which means that previously deleted content can also be restored for these images.

Restoring a shaded bank card number

The aCropalypse vulnerability (CVE-2023-21036) was discovered by cybersecurity experts Simon Aarons and David Buchanan. It allows restoring any images modified using the built-in Markup screenshot editor, which appeared on Pixel smartphones in 2018 with the release of Android 9.0 Pie.

In the case of the Pixel, the problem lies in how the image file is opened for editing: the cropped data still remains in the new saved image, allowing about 80% of the original image to be restored.

The researchers warned that aCropalypse could expose users’ sensitive information if they had once edited an image with Markup and then shared the file with other people or even posted it online.

Because some platforms don’t compress user-uploaded media, the sensitive data contained in the images may have been left untouched and stored somewhere online all these years. In this light, the example given by Aarons with the blurred bank card number shown above is very revealing.

It looks like the aCropalypse issue has gotten a lot worse now, as programmer Chris Blume has discovered that the vulnerability also affects the Windows Snipping Tool.

When you open a file in the Snipping Tool and overwrite the existing file, the same thing happens as in Markup: instead of truncating the unused data, the tool puts the unused data at the end of the file, which eventually allows to partially restore it.

Bleeping Computer and well-known information security expert Will Dormann confirm that the vulnerability actually works in Windows 10 and 11. So, Dormann suggested a simple test: copy any image (to have a backup), then open it with the Snipping Tool ” and crop it to a much smaller size. Save the file and compare the sizes of the cropped and original files. As you can see in the screenshot below, the file sizes are the same.

Bleeping Computer journalists went even further. They note that the PNG file specification requires that a PNG image file always ends with an “IEND” data fragment, with any data added after it being ignored by image editors and viewers. And unused data remains in the file after IEND.

After all the manipulations described above, the journalists decided to “see” this data.

Since the acropalypse.app online application does not work with Windows files, David Buchanan shared with the publication a Python script that can be used to restore Windows files. The successful result of this script, which the expert does not intend to make public yet, can be seen below.

It is noted that not all PNG files are affected by this problem, and not all originals for all files can be completely restored.

In addition, opening a PNG file in a graphics editor (such as Photoshop) and saving it as another file will delete unused data at the end and cannot be recovered.

It is worth saying that the Snipping Tool works exactly the same with JPG files, saving the “cropped” data when overwritten. However, Buchanan says that his exploit does not yet work with JPGs, although recovery of such images is most likely possible.

Microsoft representatives told the media that they are already aware of this problem. The company is currently investigating the matter, and it promises it will “take steps to protect customers if necessary.”

The post The aCropalypse Vulnerability Poses a Threat Not Only to Pixel, but Also to Windows appeared first on Gridinsoft Blog.

Users have found that Pixel smartphones powered by Google Tensor processors are rebooting when user is trying to watch a clip from the movie “Alien” on YouTube in 4K HDR.

Let me remind you that we also wrote that Janet Jackson Song Killed Hard Drives on Old Laptops, as well as Cellmate men’s chastity belts are vulnerable to attacks and dangerous for users.

Also the media wrote that Bypassing the Lock Screen on Pixel Smartphones Netted a Researcher $70,000.

A strange issue was reported by users on the Google Pixel subreddit. So, a person with the nickname OGPixel5 writes that when you try to watch this video on YouTube, Google Pixel 6, 6a and Pixel 7 smartphones instantly reboot. Something in this video has an extremely negative effect on the devices, as they go into reboot without having time to show their owner a single frame.

At the same time, other users note that after a reboot, for some reason, cellular communication does not work, and in order to activate it again, you will need to restart the device again, but manually.

The main theory of users is that something in the video format (it’s 4K HDR) is causing smartphones to crash. Similar errors have happened before, for example, in 2020 there was a lot of discussion about “cursed wallpapers” that crashed when set as a background (the problem was a color space error).

All phones affected by this bug use Tensor SoC from Google Exynos, so the problem does not appear on other devices. It is likely that Samsung Exynos-based devices can also experience crashes, but so far no one has reported such problems.

For the first time, information about the reboot-inducing YouTube video appeared on the network last weekend, and today ArsTechnica journalists reported that the developers seem to have already fixed this bug. The publication reported that yesterday, the Pixel 7 Pro available to the editors instantly turned off when trying to open a video, and today it plays it normally. Several users on the Pixel subreddit have also reported that the video is working fine now.

Although users and journalists did not find updates to the application and other signs of the release of any “patch”, the publication notes that Google may well remotely influence the operation of smartphones without actually installing updates.

The post YouTube Video Causes Pixel Smartphones to Reboot appeared first on Gridinsoft Blog.