Perhaps their spam filter needs to whitelist you.
Or you should check your PNGs. There's always the possibility of JPEGs, etc having encoding that hides information. I'm sure you could look up the details. Why wouldn't they just default to using Image blocking?
Never heard of this but I remember that a few years ago, JPG would be suspect of being possible virus vectors. I suppose that any anti virus system can detect an infected JPG, and this si the same for PNGs. So just blocking the whole email does not, IMHO, make much sense.
And BTW, a quick search on google show this risk had been in the air since 2013.
2 of 2 people found this helpful
Yeah, the problem is when a non-executable format becomes executable due to a bug in the surrounding environment. There doesn't need to be an outside executable, though, just a bug in an existing app (such as a mail client, browser, photo editor, or low-level programming library).
We know you can embed non-image sections in image formats: those sections could be compiled+obfuscated binary code; plain-text commands, like Windows batch, SQL, or JS; or a nonsense sequence that's not technically executable, but is known to crash apps that read it.
The important part for attackers is finding an app that either [a] doesn't sanitize input properly or [b] is itself in charge of sanitizing and has a vulnerability. So in the course of ostensibly opening an image file it accidentally allows memory to be overwritten with malicious code -- or, like I said above, just crashes the app due to a null pointer, buffer overflow, etc.
Think about if you could craft a malicious PNG that crashes a PNG fixup utility. If every PNG that enters a company passes through the same filter and malicious PNGs are capable of crashing the filter itself, you'd have little choice but to block PNGs completely.
All that being said, I would strongly question how anyone could operate for more than a day if they are blocking PNGs. This would have to apply to web filtering as well, or it makes no sense.