A flaw found on the Pixel Markup tool for editing screenshots allows someone to erase all edits and crops which could divulge personal data,
Tomorrow, Pixel 6 users should be able to install the stable version of QPR2 which includes the March security patch. And while those who installed the QPR3 Beta 1 update already have the March security patch, the rest of those using the Pixel 6 series will be covered from a nasty vulnerability that allows a bad actor with knowledge of only a phone numberAnother vulnerability is patched by the March security patch although merely installing the update won't make all of your problems go away.
Markup was released as part of Android 9 Pie in 2018 and allows users to crop, draw, add text, and highlight screenshots. As an example, let's say you took a screenshot of your credit card from your bank's website. You crop out everything except for the card number that you cover up using the black marker tool available via Markup.
This occurs because Markup saves the original pre-edited, pre-cropped screenshot in the same file location as the edited screenshot and never deletes the original image. Some platforms such as Twitter will reprocess the image which removes the flaw, Discord, didn't patch its site until January which means images posted on the platform before January 17th could be vulnerable.
The flaw was designated in the March security patch as CVE-2023-21036. CVE stands for Common Vulnerabilities and Exposures and is used to identify, catalog, and promote flaws. There is a website that you can use at acropalypse.app to determine whether a screenshot you previously shared can be exploited. Considering that this vulnerability first surfaced as long as five years ago, you might have some shared screenshots that you edited to hide certain information. The hidden data could be at risk depending on the platform you shared it on even after you install the March security update on your Pixel phone.
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Google Pixel vulnerability allows bad actors to undo Markup screenshot edits and redactions | EngadgetThe “aCropalypse” flaw allowed someone to take a PNG screenshot cropped in Markup and undo at least some of the edits in the image..
Read more »
Google Camera app version 8.8 gives Pixel 6 users the faster and improved Night Sight featureVersion 8.8 of the Google Camera app brings the improved Night Sight to the Pixel 6 and Pixel 6 Pro.
Read more »
Google Pixel exploit reverses edited parts of screenshotsThe flaw can potentially reveal redacted information.
Read more »
Beijing may allow foreign financial firms to list in China - ex-finance ministerChina will encourage foreign capital to participate in its financial markets and may allow foreign-funded financial institutions to go public in the country when 'conditions are ripe', local media quoted a former finance minister as saying on Saturday.
Read more »
Landlords fight bill to allow renters to terminate leases after outageTexas is widely known as a “landlord-friendly” state, while tenant rights are much weaker. Still, landlords say that this bill is not only unfair, it’s unhelpful.
Read more »
Extension reached for Black Sea grain dealAfter intense negotiations and multiple shuttle trips to Kyiv, Moscow and Istanbul by U.N. officials, including the secretary-general, Russia agreed to an extension of the so-called Black Sea Grain Initiative.
Read more »