Then these create a thumbnails. There is nothing inherently wrong with thumbnail creation. Only if the application creating the thumbnail is malicious. Or a hypothetical vulnerability where the user downloads a specifically crafted image, which results in the created thumbnail to be malicious so it can exploit another application parsing thumbnails.
Added a rationale here just now, maybe that will help to explain better why that has been implemented: