The security industry was recently rocked by news of the “Acropalypse” Android screenshot bug, a major vulnerability that allowed hackers to gain full access to an Android device. Now, it appears that this same bug has turned into a zero-day Windows vulnerability, thus opening up the possibility for hackers to gain control of Windows machines.
The “Acropalypse” Android screenshot bug was first discovered by researchers from Google’s security team. They found that the bug allowed an attacker to gain access to an Android device by taking a screenshot of its screen. To exploit the vulnerability, all an attacker needed to do was take a screenshot of the top layer of the screen and the full content of the device was available for them to access.
While this vulnerability was found on the Android platform, it has now been discovered that it can also be used to target Windows machines. Through a process called “warming up”, hackers can use the same vulnerability to gain control of a Windows machine. This can be done by taking a screenshot of a Microsoft Office file or document that is stored on the targeted machine and then sending it to another computer. Once the file or document has been sent, the attacker can gain control of the targeted machine’s system by executing the malicious file.
The discovery of the “Acropalypse” Windows vulnerability was first reported by security firm Cylance who are warning that anyone running Windows machines should take steps to protect their systems against “zero-day” exploits. They advise users to update their operating systems to the latest version and to be vigilant when opening email attachments as they may contain malicious files.
The severity of this bug is heightened by the fact that it has been classed as a “zero-day” vulnerability. This means that the bug has been discovered but there is no patch available to protect against it. Therefore, it is essential that any Windows user is mindful of the potential threats posed by this vulnerability and takes measures to protect themselves from an attack.
In conclusion, the “Acropalypse” Android screenshot bug has now turned into a zero-day Windows vulnerability. This means that hackers now have the ability to gain control of Windows machines by taking a screenshot of a Microsoft Office file or document. Therefore, users need to be aware of the risks posed by this vulnerability and take steps to protect their systems.
