Microsoft Excel Vulnerability

SCMagazine reports…

A researcher has found yet another flaw in Microsoft Excel – the third since this month’s Patch Tuesday security bulletin release.

According to a description of the flaw posted on SecurityTracker.com, the vulnerability can be used to execute arbitrary code, according to an advisory. Researcher Debasis Mohanty was credited with discovering the flaw.

“A remote user can create an Excel file that includes a malicious Flash file embedded using the Excel Shockwave Flash Object function. When the target user opens the Excel file, the Flash code will execute automatically without user interaction. The code will run with the privileges of the target user,” according to the advisory, which noted that Microsoft was notified of the flaw on May 3.

More Information can be found here and here.

Now the reason why I’m posting it here is that Debasis Mohanty,the Bangalore-based researcher who discovered this vulnerability-and as well as many others- is an alumnus of our college and this makes all of us very proud. The sheer dedication and efforts put in by Mr.Debasisinto the field of penetration testing and vulnerability testing is indeed very commendable. Way to go Debasis bhai!!! 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s