CVE-2022-24934: WPS Office remote code execution vulnerability alert
The vulnerability number is CVE-2022-24934, and the WPS update program that contains the vulnerability is called wpsupdate.exe. According to the instructions, versions below 188.8.131.5282 should be affected by the vulnerability, but the latest version downloaded by my team is version 184.108.40.20669, which is lower than the target version. In addition, there is no security announcement on the official website, so it is not clear what is going on at the moment, but it is recommended that users of the old version check and upgrade to the new version immediately.
For questions about versions and security vulnerabilities, it is recommended that corporate customers contact Kingsoft directly to ensure that the versions installed on the company’s intranet are not affected by the vulnerabilities.