Saving logo.png deemed "unsafe" by EdgeDev ???

Brass Contributor

I understand the important of the filter, but...I'm unsure why it would block an image with a .png extension. See the URL below, right click and save as and you'll see.

 

http://www.likeaboss.one/wp-content/themes/lab/assets/images/logo.png

 

Any thoughts or insights into why a simple .png is deemed unsafe?

 

Edit: This is using Dev "Version 78.0.244.0 (Official build) dev (64-bit)"

3 Replies
Happened to me once or twice when I was trying to download an image from a random site for the first time on Canary.
I don't know why it's happening but I do know that it's pretty much possible to include codes/malware inside an image file, without corrupting the image itself.

@HotCakeX 

 

Yeah, it is possible. But I'm curious if it flags every single PNG? The same can happen to JPG's (and maybe other image file types??) but I don't see them getting flagged. Just kind of strange how they determine which ones to flag and which ones not to. Maybe an MS Rep can help us understand?

 

Link to Cisco article explaining how malicious code can be inserted in PNG. Really, really interesting read, for sure. https://blogs.cisco.com/security/talos/malicious-pngs

 

Link on how the same can be inserted into JPG: https://www.bullguard.com/blog/2018/01/jpeg-files-and-malware

No it doesn't flag every single PNG.
For JPEG, I found a small tool: http://www.filefriend.net/index.html#FileFriend