Google has fixed the CVE-2023-21036 vulnerability on Pixel smartphones that allows the recovery of data that users have “painted over” in screenshots. It has been reported Border.
We’re talking about an issue with Pixel’s built-in Markup tool, which is often used to hide some personal data in a photo – for example, to hide a passport number. The vulnerability, dubbed “aCropalypse”, allowed an attacker to partially restore an original PNG screenshot that was previously edited in Markup. This opened up ample opportunities for fraud, as the criminal could potentially learn not only the name of the victim, but also all the details of, for example, the bank card.
The vulnerability was discovered because Markup kept the edited file without deleting it with the original. The problem has existed for five years, starting with the version of the Android 9 Pie operating system.
It is known that Google has released a patch for Pixel 4A, 5A, 7 and 7 Pro smartphones that eliminates this vulnerability. It is not yet known when the update will be made available for other devices from the company.
Formerly socialbites.ca we talked about itThe prototype of the Google Pixel 7a smartphone was put on eBay before the official announcement.
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.