{"id":127347,"date":"2025-12-24T12:04:26","date_gmt":"2025-12-24T04:04:26","guid":{"rendered":"https:\/\/version-2.com\/?p=127347"},"modified":"2025-12-24T12:09:19","modified_gmt":"2025-12-24T04:09:19","slug":"eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2025\/12\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/","title":{"rendered":"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n\nESET researchers have concluded an in-depth examination of CVE-2025-50165<\/strong>, a Windows Imaging Component vulnerability. Although classified as critical, ESET\u2019s root cause analysis suggests the complexity of exploitation makes large-scale attacks highly improbable.\n
Technical Distinction:<\/strong> The flaw exists in the encoding and compression<\/em> stage of a JPG image, not the decoding (rendering) stage. Simply viewing a malicious image will not trigger the vulnerability.<\/div>\n

Root Cause: WindowsCodecs.dll<\/h2>\nThe vulnerability occurs when WindowsCodecs.dll<\/code> attempts to encode a JPG image using 12-bit or 16-bit data precision. The specific function involved, jpeg_finish_compress<\/code>, is triggered during specific actions such as saving an image or generating system thumbnails.\n

Expert Analysis<\/h2>\n\u201cOur analysis indicates that exploitation is harder than it appears,\u201d says ESET researcher Romain Dumont<\/strong>. \u201cA host application is only vulnerable if it allows JPG images to be re-encoded, and even then, an attacker would need precise control over heap manipulation and address leaks to achieve remote code execution.\u201d\n

Key Takeaways<\/h2>\n
    \n \t
  • Open Source Roots:<\/strong> The component utilizes libjpeg-turbo<\/em>, which saw similar vulnerabilities patched in late 2024.<\/li>\n \t
  • Reproduction:<\/strong> ESET has successfully reproduced the system crash using a 12-bit\/16-bit JPG test method.<\/li>\n \t
  • Status:<\/strong> Microsoft released a patch for this vulnerability in August; users are encouraged to verify their systems are up to date.<\/li>\n<\/ul>\nFor the full technical report, visit WeLiveSecurity.com<\/strong> and search for \u201cRevisiting CVE-2025-50165.\u201d\n\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t
    \n\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    About ESET<\/strong>
    For 30 years, ESET\u00ae has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET\u2019s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24\/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single \u201cin-the-wild\u201d malware without interruption since 2003.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t

    \n\t\t\t\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t\t
    \n\t\t\t
    \n\t\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    About Version 2 Digital<\/h3>

    Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n

    \nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

    ESET researchers have concluded an in-depth examination […]<\/p>\n","protected":false},"author":149011790,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1305,40,61],"tags":[1077,41],"class_list":["post-127347","post","type-post","status-publish","format-standard","hentry","category-1305","category-eset","category-press-release","tag-1077","tag-eset"],"acf":[],"yoast_head":"\nESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files - Version 2\" \/>\n<meta property=\"og:description\" content=\"ESET researchers have concluded an in-depth examination […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-24T04:04:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-24T04:09:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"70\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"tracylamv2\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"tracylamv2\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/12\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/\"},\"author\":{\"name\":\"tracylamv2\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\"},\"headline\":\"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files\",\"datePublished\":\"2025-12-24T04:04:26+00:00\",\"dateModified\":\"2025-12-24T04:09:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/12\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/\"},\"wordCount\":237,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"keywords\":[\"2025\",\"ESET\"],\"articleSection\":[\"2025\",\"ESET\",\"Press Release\"],\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2025\\\/12\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/\",\"url\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/\",\"name\":\"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"datePublished\":\"2025-12-24T04:04:26+00:00\",\"dateModified\":\"2025-12-24T04:09:19+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.eset.com\\\/us\\\/about\\\/newsroom\\\/research\\\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/011bc7c3731c930bcfeecd52fefb6365\",\"name\":\"tracylamv2\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g\",\"caption\":\"tracylamv2\"},\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/tracylamv2\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/","og_locale":"zh_HK","og_type":"article","og_title":"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files - Version 2","og_description":"ESET researchers have concluded an in-depth examination […]","og_url":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/","og_site_name":"Version 2","article_published_time":"2025-12-24T04:04:26+00:00","article_modified_time":"2025-12-24T04:09:19+00:00","og_image":[{"width":250,"height":70,"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg","type":"image\/jpeg"}],"author":"tracylamv2","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"tracylamv2","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"2 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/2025\/12\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/"},"author":{"name":"tracylamv2","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365"},"headline":"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files","datePublished":"2025-12-24T04:04:26+00:00","dateModified":"2025-12-24T04:09:19+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2025\/12\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/"},"wordCount":237,"commentCount":0,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"keywords":["2025","ESET"],"articleSection":["2025","ESET","Press Release"],"inLanguage":"zh-HK","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2025\/12\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/","url":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/","name":"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"datePublished":"2025-12-24T04:04:26+00:00","dateModified":"2025-12-24T04:09:19+00:00","breadcrumb":{"@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.eset.com\/us\/about\/newsroom\/research\/eset-research-analyzed-a-critical-flaw-in-windows-imaging-component-which-abuses-jpg-files\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/011bc7c3731c930bcfeecd52fefb6365","name":"tracylamv2","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9d01d79cbfd8b2e878f5d701a362cc9fca466d33fec977b59706c23c1a2db15c?s=96&d=identicon&r=g","caption":"tracylamv2"},"url":"https:\/\/version-2.com\/zh\/author\/tracylamv2\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-x7Z","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/127347","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/149011790"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=127347"}],"version-history":[{"count":8,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/127347\/revisions"}],"predecessor-version":[{"id":127355,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/127347\/revisions\/127355"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=127347"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=127347"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=127347"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}