WPS Security Bulletin

Home / security

WPS Security Bulletin

Security update available for WPS Office

Release date: Jan 4, 2016

Vulnerability identifier: KSO16-1 (#236479)

Priority: High

Platform: Windows

Summary

Kingsoft has released an update for WPS Office for Windows. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.

Affected software versions

WPS Office (9.1.0.5214) and earlier versions for Windows.

Solution

Kingsoft recommends users update their software installation via the application's update mechanism by launching the application, navigating to the Help menu and clicking "Check for updates". For more information, please reference the following help page.

Details

Kingsoft has released an update for WPS Office for Windows. This update addresses vulnerabilities that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. Kingsoft recommends users update their product installations to the latest version.

These updates resolve an heap overflow vulnerability that could lead to code execution

Acknowledgments

Kingsoft would like to thank Francis reporting these issues and for working with Kingsoft to help protect our customers.