A researcher has found yet another flaw in Microsoft Excel – the third since this month’s Patch Tuesday security bulletin release.
According to a description of the flaw posted on SecurityTracker.com, the vulnerability can be used to execute arbitrary code, according to an advisory. Researcher Debasis Mohanty was credited with discovering the flaw.
“A remote user can create an Excel file that includes a malicious Flash file embedded using the Excel Shockwave Flash Object function. When the target user opens the Excel file, the Flash code will execute automatically without user interaction. The code will run with the privileges of the target user,” according to the advisory, which noted that Microsoft was notified of the flaw on May 3.
Now the reason why I’m posting it here is that Debasis Mohanty,the Bangalore-based researcher who discovered this vulnerability-and as well as many others- is an alumnus of our college and this makes all of us very proud. The sheer dedication and efforts put in by Mr.Debasisinto the field of penetration testing and vulnerability testing is indeed very commendable. Way to go Debasis bhai!!! 🙂