Vietnamese malware researcher discovers vulnerabilities in Adobe software

By Luu Quy   October 28, 2020 | 07:04 pm PT
Vietnamese malware researcher discovers vulnerabilities in Adobe software
Vietnamese malware researcher Tran Van Khang (R). Photo courtesy of Tran Van Khang.
Tran Van Khang, a Vietnamese malware analyst, has detected three vulnerabilities in Adobe's latest update and reported them to the company.

On October 20 the U.S. software giant released updates to 10 of its products, including Photoshop, Illustrator and Premiere Pro.

In its security bulletin board, Adobe credited khangkito, Khang's online nickname, with discovering three of seven critical vulnerabilities in Illustrator, a popular tool used by designers all over the world.

Khang, 30, is currently the leader of malware analysis at VinCSS, the cybersecurity company of conglomerate Vingroup. In 2019 he became the first person in Vietnam to be certified for reverse engineering malware. GREM, issued by information security non-profit SANS Institute of the U.S., is considered one of the hardest security certificates to obtain.

Following his discovery of the defects, Adobe rolled out a new update for Illustrator.

On its site it said the Common Vulnerabilities and Exposures (CVE) that Khang and cybersecurity software company Trend Micro discovered - CVE-2020-24409, CVE-2020-24410 and CVE-2020-24411 - are mistakes with a high level of priority for fixing.

Dustin Childs, communications manager at Trend Micro, said the vulnerabilities that occurred during Illustrator's PDF file rendering process could be exploited by hackers to gain control of users' computers.

Khang said, "I am proud to have the opportunity to represent Vietnamese malware researchers in contributing to global cybersecurity."

His work has been recognized on numerous occasions in the past by the cybersecurity community.

In the last two years he has detected four CVE flaws in four of the world’s leading cybersecurity companies - Trend Micro (CVE-2019 -14687), McAfee (CVE-2019-3646), Bitdefender (CVE-2019-17100), and ESET (CVE-2020 - 11446).

A number of other Vietnamese cybersecurity experts have also been recognized globally.

In September Le Huu Quang Linh of Vietnam National Cybersecurity Center was honored by Microsoft and ranked 68th in a list of the 100 most valuable security researchers in 2020.

Khang said he plans to focus on security issues in Vietnam since a safe Internet environment would be important for its development.

go to top