If you're worried about tracking, you can block ads and tracking scripts without disabling javascript. If you're worried about viruses, well, all I can say there is that in my experience and understanding, if you keep your browser updated, the odds of getting a virus via browser JS are exceedingly low. Doubly so if you're not frequenting sketchy sites.
I don't know, it seems to me like advice from a time before security was a priority for browser makers, and high-quality ad blockers existed. At this point, I really don't see the value.
Not to mention that a host of vulnerabilities were image related a few years back (one of the original rookits exploited a TGA bug).
> uBlock Origin
Honestly, this is the antivirus of the web. I helped my niece set up my old computer for Minecraft today, and she was explaining how her friend had installed viruses (adware, really) 3 times. Every one of those instances was caused by download link confusion for Minecraft mods. Disabling JavaScript isn't going to save you from being tricked into downloading shady software, only an adblocker will.
As a lover of old image formats and the security issues they can cause* this sounds fascinating, but some quick google searches don’t seem to surface what you are referencing. Can you share any more details?
* I once fell into discovering a memory disclosure flaw with Firefox and XBM images