this post was submitted on 09 Aug 2025
69 points (96.0% liked)

[–] ReversalHatchery@beehaw.org 6 points 5 days ago (2 children)

I clicked through the source article, and it sounds like this is specifically a windows thing: original article says that when a windows machine loads the malicious SVG, the malicious JS is parsed in a Microsoft Edge browser process, regardless of the browser a user visited the porn site with (apparently all Windows SVGs load through Edge).

what the actual fuck? does that mean that even if I only use firefox, edge is involved in loading SVGs? how??

[–] CrackedLinuxISO@lemmy.dbzer0.com 9 points 5 days ago (1 children)

Opening the SVG file opens an empty Edge tab titled Process Monitor. This happens because SVG files on Windows are opened by Edge, even if the user has another browser set as their default.

https://www.malwarebytes.com/blog/news/2025/08/adult-sites-trick-users-into-liking-facebook-posts-using-a-clickjack-trojan

[–] ReversalHatchery@beehaw.org 3 points 5 days ago

that does not explain how it happens when the svg appears on a page in firefox. firefox won't try to open all embedded assets with the default file handler in the OS, it will directly use its built in tools to handle it.

[–] purplemonkeymad@programming.dev 3 points 5 days ago (1 children)

I think it's saying that the default association for SVG is edge, as setting a default browser does not change that. If you use another image viewer for SVG it might behave differently.

[–] ReversalHatchery@beehaw.org 2 points 5 days ago (1 children)

but how does edge get opened? firefox, and pretty sure chrome too, aren't searching the OS file associations for each asset they received from the site. they won't decode the png images with Windows Photos or whatever, they will use their internal tools to process it.

file associations would only have an effect if you open an svg file in the filesystem with a file manager. but I don't see how edge gets into the picture when the user is just using another browser, because it's rare that a user saves an SVG

I found this technically surprising, but like the most microsoft thing ever.
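
For checking a saved SVG before it is opened by whatever program the OS associates with the file type, here is a small scanner that reports the script-capable parts of the file. This is an added example, not part of the thread or the linked article; the function names and the sample SVG strings are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Elements that can run or embed active content inside an SVG document.
ACTIVE_ELEMENTS = {"script", "foreignObject", "iframe", "embed", "object"}

# Constructed samples: a static image and one carrying script hooks.
CLEAN_SVG = ('<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">'
             '<rect width="10" height="10" fill="red"/></svg>')
ACTIVE_SVG = ('<svg xmlns="http://www.w3.org/2000/svg" onload="init()">'
              '<script>/* placeholder */</script>'
              '<a href="javascript:void(0)"><rect width="1" height="1"/></a></svg>')


def local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tag/attribute names."""
    return name.rsplit("}", 1)[-1]


def find_active_content(svg_text):
    """Return a sorted list of findings for script-capable parts of an SVG."""
    if re.search(r"<!ENTITY", svg_text, re.I):
        # Do not hand entity declarations to the parser (expansion attacks).
        return ["entity declaration (not parsed)"]
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError:
        return ["not well-formed XML"]
    findings = set()
    for el in root.iter():
        tag = local(el.tag)
        if tag in ACTIVE_ELEMENTS:
            findings.add(f"<{tag}> element")
        for attr, value in el.attrib.items():
            name = local(attr)  # covers both href and xlink:href
            if name.lower().startswith("on"):
                findings.add(f"event handler {name} on <{tag}>")
            if name == "href" and re.match(r"\s*javascript:", value, re.I):
                findings.add(f"javascript: URI in href on <{tag}>")
    return sorted(findings)


if __name__ == "__main__":
    for label, svg in (("clean", CLEAN_SVG), ("active", ACTIVE_SVG)):
        print(label, find_active_content(svg))
```

An empty list means none of these markers were found; it does not prove the file is safe to open.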