A pundit from Vietnam-based cybersecurity firm VinCSS has detected six critical loopholes classified as ’zero-day’ in the software of tech giants Microsoft and Adobe.
Tran Van Khang, head of VinCSS’s malware analysis under Vietnamese conglomerate Vingroup, was recently acknowledged by Adobe for finding three vulnerabilities in the Windows version of their software Framemaker, a processor for large or complex documents.
They were deemed critical security flaws and were fixed by a security patch released on September 14.
One day later, he found three other loopholes in the business office suite Microsoft 365 Apps for Enterprise.
Such vulnerabilities could be exploited by hackers to gain access to the network of an organization and commit malicious actions that could result in significant damage.
All six vulnerabilities found by Khang are classified as ’zero-day,’ as developers have 'zero days' to fix the flaws before malicious hackers exploit them.
This is not the first time Khang has contributed white-hat efforts to tech giants’ digital safeguard, as he had detected a total of 27 vulnerabilities for Microsoft, Adobe, as well as anti-virus software by Trend Micro, McAfee, Bitdefender, and ESET, within a three-year span working for VinCSS.
In April 2019, Khang became the first Vietnamese engineer to receive the GIAC Reverse Engineering Malware (GREM) certification from the SANS Institute.