Google has fixed the CVE-2023-21036 vulnerability in Pixel smartphones. It allowed attackers to recover information painted over by users in screenshots. It is reported by The Verge.
The problem was with the Markup tool. With its help, users mask personal data in photos, in particular, information in private documents. The vulnerability allowed attackers to partially recover the original screenshots. The reason was that Markup kept not only the edited file, but also the original.
The existence of the problem has been known for more than five years, so the company’s reaction is without exaggeration long-awaited. It is already known that Google has released a patch for Pixel 4A, 5A, 7 and 7 Pro smartphones that eliminates this vulnerability. However, it is not yet known when other devices will receive the update.
We previously reported that Google and Meta are accused of “unreasonably large” staffing.
