This could be an important update to prevent phishing attacks with document attachments that contain malicious .webp images. I haven't seen one of those yet, but a non-weaponized, proof of concept malformed .webp is out there along with a detailed technical writeup, so it's only a matter of time: <a href="https://blog.isosceles.com/the-webp-0day/" rel="nofollow noreferrer">https://blog.isosceles.com/the-webp-0day/</a>