Going, going, gone: a Microsoft vulnerability

There have been a few extraordinary sales on eBay, but you probably wouldn’t have expected to see a Microsoft software vulnerability on the auction site.

There have been a few extraordinary sales on eBay, but you probably wouldn’t have expected to see a Microsoft software vulnerability on the auction site.

 

However, one auction last week of a vulnerability in Microsoft Excel reached about £30 in value before eBay belatedly removed the item, which was placed by a seller called Fearwall.

 

eBay says the listing had been pulled for violating its policy against encouraging illegal activity.

 

Microsoft said it was aware of the reported flaw, which was discovered on 6 December and lies in the way Excel validates data when handling documents.

 

The cheeky eBay seller even rubbed salt in Microsoft’s wounds by offering Microsoft employees a 10% discount.

 

So now you can advertise even Microsoft vulnerabilities on eBay, alongside tickets for next year’s World Cup Final. It was only a matter of time before such a stunt occurred. But how did eBay’s own security procedures allow such an auction to be created? Perhaps it’s time for the website to examine its own vulnerabilities.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Business applications

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close