Vietnamese engineer finds vulnerabilities in Microsoft, Adobe software

Tran Van Khang, a Vietnamese engineer at the security firm VinCSS has found six critical vulnerabilities known as zero day in the software of Microsoft and Adobe.

The information on a vulnerability found by Tran Van Khang.
The information on a vulnerability found by Tran Van Khang.

The latest security loopholes raise the number of zero-day vulnerabilities detected by the company, a subsidiary of the domestic conglomerate Vingroup, to 80.

Khang, head of VinCSS’s malware analysis, found three vulnerabilities in the Windows version of Adobe Framemaker, a processor for large or complex documents.

They were fixed by a security patch released on September 14.

The three other loopholes were found in the business office suite Microsoft 365 Apps for Enterprise.

Such vulnerabilities could be exploited by hackers to gain access to the network of an organisation and commit malicious actions that could result in significant damage.

Since starting his job at VinCSS nearly three years ago, Khang has detected a total of 27 vulnerabilities in software by giants such as Microsoft and Adobe as well as in anti-virus software by Trend Micro, McAfee, Bitdefender and ESET.

In April 2019, Khang became the first Vietnamese engineer to receive the GIAC Reverse Engineering Malware (GREM) certification from the SANS Institute.