To exploit this vulnerability, the image must be created under very specific condition listed here.
According to the information provided by Microsoft, “The default Snipping Tool in Windows 10 and older versions are unaffected. Only Snip & Sketch in Windows 10 and Snipping Tool in Windows 11 are affected by this vulnerability. A security update has been released for these applications, which are available through the Microsoft Store.”
This is the information provide to verify if the system is affected:
For Snip and Sketch installed on Windows 10, app versions 10.2008.3001.0 and later contain this update.
For Snipping Tool installed on Windows 11, app versions 11.2302.20.0 and later contain this update.
Guy Bruneau IPSS Inc.
My Handler Page
gbruneau at isc dot sans dot edu
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.