Windows Snipping Tool Vulnerability Allows Attacker to Perform Spoofing Over a Network
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Microsoft has addressed a moderate-severity security flaw in the Windows Snipping Tool that could allow malicious actors to steal user credentials.<\/p>\n
Tracked as CVE-2026-33829, this spoofing vulnerability <\/a>was officially patched during the April 14, 2026, security updates.<\/p>\n Discovered and reported by security researchers at Blackarrow (Tarlogic), the flaw highlights the ongoing risks associated with application URL handlers in Windows environments.<\/a><\/p>\n CVE-2026-33829 holds a CVSS 3.1 score of 4.3 and is classified as an exposure of sensitive information to unauthorized actors (CWE-200)<\/a>.<\/p>\n The vulnerability resides in how the Windows Snipping Tool processes deep links. Specifically, the application fails to validate input when handling the\u00a0 According to the vulnerability disclosure provided by Microsoft and Blackarrow, an attacker can exploit this weakness to force an authenticated Server Message Block (SMB) connection<\/a> to a remote, attacker-controlled server.<\/p>\n While the exploit requires user interaction, the attack complexity is considered low. Here is how the attack chain operates based on the released proof-of-concept:<\/p>\n Security experts warn that this vulnerability is highly adaptable for social engineering campaigns. An attacker could send a legitimate-looking webpage asking a user to crop a corporate wallpaper or edit a badge photo.<\/p>\n While the Snipping Tool opens normally on the user\u2019s screen, making the request appear harmless, NTLM authentication occurs invisibly<\/a>.<\/p>\n Although successful exploitation results in a loss of confidentiality, it does not allow the attacker to alter data (Integrity) or crash the system (Availability).<\/p>\n Microsoft notes that the exploit code maturity is currently unproven<\/a>, and actual exploitation remains \u201cUnlikely.\u201d There are no reports of it being exploited in the wild.<\/p>\n The vulnerability, detailed on GitHub, impacts a wide range of Microsoft operating systems<\/a>, including multiple versions of Windows 10, Windows 11, and Windows Server from 2012 through 2025.<\/p>\n To secure networks against CVE-2026-33829, organizations should implement the following mitigation strategies:<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Windows Snipping Tool Vulnerability Allows Attacker to Perform Spoofing Over a Network<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nms-screensketch<\/code>\u00a0URI schema properly.<\/p>\nSpoofing Flaw Exposes Snipping Tool<\/strong><\/h2>\n
\n
ms-screensketch: edit<\/code>\u00a0parameter.<\/li>\nAffected Systems<\/strong><\/h2>\n
\n