WPS Office Security Update Advisory

Aug 23 2024

Overview

An update has been released to address vulnerabilities in WPS Office. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-7262

WPS Office versions: 12.2.0.13110 (inclusive) ~ 12.2.0.16412 (excluded)

CVE-2024-7263

WPS Office versions: 12.2.0.13110 (inclusive) ~ 12.2.0.17153 (excluded)

Resolved Vulnerabilities

Improper path validation in promecefpluginhost.exe allows attackers to load arbitrary Windows libraries (CVE-2024-7262, CVE-2024-7263)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-7262

WPS Office version: 12.2.0.16412

CVE-2024-7263

WPS Office version: 12.2.0.17153

References

[1] CVE-2024-7262 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-7262

[2] CVE-2024-7263 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-7263

WPS Office Security Update Advisory

GitHub Enterprise Server (GHES) Product Security Update Advisory (CVE-2024-6800)

Google Chrome Browser (128.0.6613.84) Security Update Advisory

Tags:

GitHub Enterprise Server (GHES) Product Security Update Advisory (CVE-2024-6800)

Google Chrome Browser (128.0.6613.84) Security Update Advisory