A seller using the name "fearwall" started the auction on Wednesday evening at 1 cent. It was up to US$56 on Thursday afternoon with 21 bids placed, and eBay quashed the auction soon after that.
The online auctioneer removed the item because it contravened its guidelines, eBay spokeswoman Catherine England said on Friday. "The listing was pulled for violating our policy against encouraging illegal activity," she said in an e-mailed statement.
Microsoft is aware of the reported flaw and has been working with eBay on the matter, a company representative said in a statement. "This possible vulnerability was being auctioned on eBay, but has now been removed," the representative said.
According to the description of the item on eBay, the vulnerability was discovered on December 6 and all the details were submitted to Microsoft. The flaw lies in the way Excel validates data when handling documents and exploiting it will compromise a user's PC, according to the now-removed eBay post.
Microsoft is not aware of any attacks that attempt to use the reported vulnerability, the software maker said. The company will continue to investigate the issue and may provide a fix as part of its monthly patching process or issue a security advisory, the Microsoft representative said.
The eBay seller even had a special offer for Microsoft employees: a 10 percent discount. "To qualify, you MUST provide @microsoft.com e-mail address and MUST mention discount code LINUXRULZ during checkout," the now-removed post said.
