New here?
Create an account to submit posts, participate in discussions and chat with people.
Sign up
9
Security Vulnerability on dot win: WebP files disguised as jpeg
posted 2 years ago by ChadRudy (+9 / -0 )
4 comments
Permalink
First noticed by then, see here for context https://communities.win/c/ConsumeProduct/p/142BTB1ZSP/x/c
 
TL;DR scored.co media server can serve malformed exploit files as jpeg. The file in the link above was nuked so it is safe to click.
 
Assume your Apple devices have been compromised and act accordingly.
You must log in or sign up to comment
4 comments:
5
admin
2 years ago 5 points (+5 / -0 ) 1 child
It isn't possible to upload such an image here. Images are compressed before being saved, which automatically converts them to a valid format and also removes any EXIF data. The original files are not served.
Permalink Reply
None
2
hellsonnenrad
2 years ago 2 points (+2 / -0 )
Based admin admin.
Permalink Reply
None
1
YunoGasai_IsHot
2 years ago 1 point (+1 / -0 )
Just don't click links from handshakes and you will be fine. Probably.
Permalink Reply
None
1
Optimist2
2 years ago 1 point (+1 / -0 )
Act accordingly?
Permalink Reply
None
Toast message