• caglararli@hotmail.com
  • 05386281520

Png/JPG exploit without opening the image?

Çağlar Arlı      -    16 Views

Png/JPG exploit without opening the image?

I recently stumbled on multiple cases suggesting there's a JPG/PNG exploit that is able to silently execute malicious code when simply viewing the image. I am looking for some insight as to whether this vulnerability requires the user to open the png or just simply "view" it.

Videos showing POC:

https://www.youtube.com/watch?v=LsJFJkj8uiY (Discord to distribute) - Dead link
https://www.youtube.com/watch?v=1x6CLoKySoQ (Gmail to distribute) - Dead link

In the above videos, the malicious code executes from just viewing the image inside your browser, not even downloading and opening locally. I mean if this is the case, and I'm interpreting this correctly, then surely at this current state the internet is lost? In basic terms, don't open your browser?