Google Pixel Bug Lets Anyone Undo Edits Made With the Markup Tool

1 min read

A severe vulnerability has been found with the Markup tool on Google Pixel smartphones that can let hackers un-edit the edited screenshots. While the vulnerability has been patched with the latest March 2023 security patch, it still poses risks for Pixel users. Identified by security researchers Simon Aarons and David Buchanan, dubbed the “apocalypse?” flaw, marked CVE-2023-21036, lets someone undo some of the edits made with the Markup tool on a cropped PNG screenshot.

According to the developers, this means that years-worth of redacted images sent on platforms such as Discord over the past five years could potentially be at risk of being exposed by bad actors. That’s because the vulnerability existed when Google introduced the Markup feature in Android 9 Pie last year, and it only takes a few steps to reclaim that data.

Latest News: Study Shocks The World; Over 170 Trillion Plastic Particles Found In Oceans

How it works

Whenever a user crops or edits an image using the Markup tool, Google saves both the original snapshot and the edited version in the same folder. The app then uses the modified version while the original image remains unchanged.

But this doesn’t prevent hackers from reclaiming those original edits, as the reverse engineering process can recover them. It’s all about knowing where the information is stored in a file.

As a result, the reclaimed information can include anything from personal information to passwords and even private photos.

Test your cropped pngs here.

After discovering the vulnerability, security researcher and ethical hacker David Schutz tried the exploit on his Pixel 6 device. He realized that by swapping out the SIM card, entering the correct PIN incorrectly three times, and then entering a Personal Unlocking Key (PUK) code and choosing a new PIN, he could unlock the phone without any fingerprint or PIN.

This bug could easily be abused by crooks, hackers, and jealous spouses. It’s why Schutz reported it to Google and was given a $70,000 bounty for discovering and reporting the vulnerability.

The vulnerability was fixed in the latest update for Pixel devices, but it’s important to remember that older Pixel devices may not be able to receive security updates. The company has stated that it will not release patches for devices that are out of support.

Why the patch is so important

While it’s nice that Google has finally fixed the security issue, it’s also worth noting that many people may have been sharing these redacted images over the years on platforms like Discord. As a result, keeping track of these files is challenging, and bad actors could easily reclaim them.

This bug is serious, and it’s a shame that it was only found recently and didn’t get the attention it deserved. It’s a glaring security vulnerability that will significantly impact how people share and protect their private information. That’s why it’s vital to patch this bug immediately.

James Williams

James Williams is a bestselling author and historian with a passion for storytelling. He has written numerous books on historical figures and events, including biographies of famous leaders and explorers. James is also a regular contributor to several historical publications and blogs. His ability to bring history to life has earned him critical acclaim and a loyal following of readers. When he's not writing, James enjoys traveling to historical sites and exploring new places.

Leave a Reply

Your email address will not be published.

Latest from Featured Posts

About

London Times Now – International Breaking News, Opinion, and Analysis from London and Beyond. We believe in delivering news that matters and makes a difference to our readers. We understand that our readers trust us to deliver news that is fair and balanced, and we take that responsibility seriously. In addition to our news coverage, we also feature opinion pieces, analysis, and commentary from some of the most respected voices in the industry.

Top Authors

Zion Roelofs bestselling author and renowned speaker on leadership and personal development. He has written several books on the subject. Zion's work has been featured in The Business Review, and The New York Times. He is a sought-after keynote speaker and has addressed audiences at major events around the world. Zion holds an MBA from Stanford University and a degree in psychology from the University of California, Berkeley.

Interview

Copyright 2023. London Times Now All rights reserved. Published by The Herald Diary