MIME types exceptions in Web-shield

I see in the exceptions section for the Web-shield that there are exceptions for video/* and audio/*, but for image there are only exceptions for image/gif and image/png, and not for image/jpg.

I guess this is because code could be hidden inside a JPG-image that would execute on Windows.

But wasn’t this threat fixed in a Windows-update some time ago?

Is there danger adding image/* to the exception list now?

A majority of web-page images are JPG, and not having an exception for that causes many files to be scanned, slowing down display of web-pages (especially on older computers).

What are your thoughts?

Because .jpg files are targets of malware and need to be scanned to prevent exploits/malware.

So when Microsoft says they have “plugged” that hole in Windows, they are not telling us all?
I thought that error had to do with something overflowing and then triggering something inside the file.
Normal web-browser and image-programs don’t execute anything inside a file.
Can you say a bit more about how a JPG file causes a threat still now?
(please be technical if you need to, I am a programmer, so I'll try to understand :slight_smile:)

There are still exploit attempts regardless of what MS tells you. Code can be placed at the end of a jpg file which can be executed, try to redirect you to a malicious site, etc.

Also assuming that users regularly patch their Windows does not exactly match reality. See all the people with XP SP2 here. >:(

Know that :slight_smile:
But for those who DO update their systems.
Is JPG still a risk for those today?

Read my last post again, there are examples of such redirection in the viruses and worms forum if you search.

GDI+ is notoriously buggy. E.g., looking at the “impressive” list of affected SW at http://www.sophos.com/support/knowledgebase/article/64693.html I seriously doubt that MS will ever learn. Also note that MS09-062 covers WMF, PNG, TIFF, BMP… :slight_smile: MS has been fixing this thing over and over again.

But avast! had exceptions for PNG and GIF as standard.
Should they be removed as well (can PNG and GIF also contain code)?

I bow to avast’s greater knowledge of these matters and would tend to leave the default settings. If they became a target which could be exploited no doubt they would be removed.
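
On the point raised in the thread that data can be placed at the end of a JPG file: the sketch below is an added example, not code from any poster or from avast!. It walks the JPEG marker structure to find the real end-of-image marker and returns whatever follows it. The function names and the sample bytes are constructed for illustration.

```python
import struct

def _seg(marker, payload):
    """Build one length-prefixed JPEG segment (helper for the constructed sample)."""
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

def jpeg_end_offset(data):
    """Walk the marker structure; return the offset just past EOI, or None."""
    if data[:2] != b"\xff\xd8":                  # must start with SOI
        return None
    i, n = 2, len(data)
    while i + 1 < n:
        if data[i] != 0xFF:                      # a marker must start here
            return None
        marker = data[i + 1]
        if marker == 0xFF:                       # fill byte before a marker
            i += 1
            continue
        i += 2
        if marker == 0xD9:                       # EOI: the image ends here
            return i
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            continue                             # stand-alone markers, no length
        if i + 2 > n:
            return None
        (seglen,) = struct.unpack(">H", data[i:i + 2])
        if seglen < 2 or i + seglen > n:         # truncated or corrupt segment
            return None
        i += seglen                              # skip payload (e.g. EXIF thumbnail)
        if marker == 0xDA:                       # SOS: entropy-coded data follows
            while i + 1 < n and not (data[i] == 0xFF and data[i + 1] != 0x00
                                     and not 0xD0 <= data[i + 1] <= 0xD7):
                i += 1                           # FF00 is a stuffed byte, FFD0-D7 restarts
    return None

def appended_bytes(data):
    """Bytes found after the real EOI; None if the structure is not parseable."""
    end = jpeg_end_offset(data)
    return None if end is None else data[end:]

# Constructed sample: structurally valid marker stream, not a decodable picture.
CLEAN = (b"\xff\xd8"
         + _seg(0xE1, b"Exif\x00\x00" + b"\xff\xd8\xff\xd9")   # APP1 holding its own SOI/EOI
         + _seg(0xDA, b"\x01\x01\x00\x00\x3f\x00")             # SOS header
         + b"\x12\xff\x00\x34\xff\xd0\x56"                     # scan data with FF00 and RST0
         + b"\xff\xd9")
APPENDED = CLEAN + b"<constructed trailing bytes>"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("appended", APPENDED)):
        print(name, appended_bytes(blob))
```

Searching for the first `FF D9` would stop inside the APP1 segment of the sample, which is why the segments are walked by length. A non-empty result only shows that the file carries extra bytes, not that they are harmful.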