WPS Security Bulletin

Home / security

WPS Security Bulletin

Security update available for WPS Office

Release date: Sep 4, 2017

Vulnerability identifier: CVE-2017-12914

Priority: High

Platform: Windows

Summary

WPS has released an update for WPS Office for Windows. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.

Affected software versions

WPS Office (10.2.0.5908) and earlier versions for Windows.

Solution

WPS recommends users update their software installation via the application's update mechanism by launching the application, navigating to the Help menu and clicking "Check for updates". For more information, please reference the following help page.

Details

WPS has released an update for WPS Office for Windows. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. WPS recommends users update their product installations to the latest version.

These updates resolve an heap overflow vulnerability that could lead to code execution

Acknowledgments

WPS would like to thank Dmitri Kaslov reporting these issues and for working with WPS to help protect our customers.