Tag

Cve-2024-7262

1 brief RSS

WPS Office Exploitation via DLL Hijack

The rule detects the loading of a remote library by the WPS Office promecefpluginhost.exe executable, which may indicate exploitation of CVE-2024-7262 or CVE-2024-7263 via DLL hijacking abusing the ksoqing custom protocol handler.

WPS Office dll-hijacking wps-office cve-2024-7262 cve-2024-7263 execution initial-access

2r 2t 2c 26m ago