Microsoft released an emergency security update for “Acropalypse” (CVE-2023-28303). The vulnerability impacts the Windows 10 and 11 Snipping tool and allows attackers to recover edited portions of screenshots.
CVE-2023-28303 has a CVSS score of 3.3 and affects the Snip and Sketch app on Windows 10 and the snipping Tool on Windows 11. Although the severity of the vulnerability is low, successful exploitation could reveal sensitive information that may have been cropped out. Successful exploitation of CVE-2023-28303 requires that the user does the following:
The flaw does not impact instances where the user copies an image from the Snipping Tool or modifies it before saving it. Microsoft addressed CVE-2023-28303 in the Snip and Sketch application version 10.2008.3001.0, which is installed on Windows 10, and in the Snipping Tool version 11.2302.20.0, which is installed on Windows 11.
At this time, there are no known IoCs associated with CVE-2023-28303. Avertium’s threat hunters remain vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.