Fear not, the ‘acropalypse’ isn’t coming to your iPhone and Mac

While we don’t usually pay attention to security issues on Android and Windows devices, one caught our eye this week. Dubbed “acropalypse,” it affects photos and screenshots that have been cropped using built-in software in Pixel phones and Windows 11 PCs.

As discovered by programmer Simon Aarons, the bug is a weird one. While looking at photos cropped by the Markup tool exclusive to Pixel phones, Aarons found that the information that was supposedly cropped out wasn’t actually deleted from the image and could be recovered with some light legwork. He even built a quick demo app to demonstrate.

As if that wasn’t bad enough, a similar bug was discovered by Chris Blume and confirmed by David Buchanan that affects the Snipping Tool in Windows 11. A screenshot cropped with Windows’ Snipping Tool and saved over the original won’t show the cropped area but also won’t fully delete it. 

As Blume explains: “I opened a 198 byte PNG with Microsoft’s Snipping Tool, chose ‘Save As’ to overwrite a different PNG file (no editing), and saved a 4,762 byte file with all that extra after the PNG IEND chunk.” That means the smaller cropped file is actually larger than the original image.

Like the Pixel bug, that data can be recovered with little effort. Most of the time, the cropped-out portion probably isn’t all that important, but it could be something sensitive or embarrassing that the user wouldn’t want anyone else to see.

Microsoft and Google are expected to issue patches to fix the vulnerability in an upcoming update. It’s not clear whether the bugs affecting Pixel phones and Windows PCs are related or just coincidental, but we’re sure of one thing: Apple devices aren’t affected.

Mac and iPhone users don’t have to worry about the “acropalypse” bug spreading to iPhones and Macs. We tested several cropped images using the Mac’s screenshot tool and Photo’s crop tool on the iPhone and in all instances, the cropped photos were significantly smaller than the original image, meaning data has been appropriately removed.

So crop away. And maybe ask your Windows friends if you can help them out while you’re at it.

Source : Macworld