A security researcher, who seems to support the Linux operating system, has tried to sell a genuine flaw in Microsoft’s Excel spreadsheet programme on eBay.
Details of the flaw were listed on eBay for an opening price of just $.01 but the item was bid up to almost $60 before eBay pulled it from the system.
Microsoft has confirmed that the flaw is genuine and the unknown seller claimed on the listing that they had informed Microsoft of the vulnerability prior to trying to sell it.
The eBay seller, only known as “fearwall”, claimed the flaw allowed an attacker to remotely take over a user’s system. They also offered a 10% discount to any Microsoft employee who bid, when using the special offer code of “LINUXRULZ”.
The seller is now facing action by both eBay and Microsoft. Microsoft says the bug has so far not been exploited by attackers. It is considering issuing a patch for the vulnerability.