CVE-2014-3575 was about updating linked objects, there is no security
issue with embedded objects so always allow updating the preview image
for them.

(regression from d005acae)

Change-Id: I6e4d013ddf4fbe08c5968c680bbe143dd0473a4b