
Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ID: e10fb879-a6fa-5339-8ac8-c67f793ab322

STIX ID: report--e10fb879-a6fa-5339-8ac8-c67f793ab322

Feed Name: WeLiveSecurity (ESET Research)

Threat Score: 30/100

Date Published: 2025-12-22

Date Updated: 2026-05-01


ESET provides a detailed root-cause analysis of CVE-2025-50165 in WindowsCodecs.dll (libjpeg-turbo integration), showing that uninitialized compress_data_12/16 function pointers can cause crashes when re-encoding 12- or 16-bit JPEGs. The researchers reproduce the issue, diff the patch, and trace the fix to initialization and checks. They conclude that exploitation is unlikely without address leakage, heap manipulation, and a host application that re-encodes images; patched WindowsCodecs versions mitigate the risk.
