Vulnerability fix: CVE-2022-24934 - Announcements and Updates
We have received a report from Avast Threat Labs about a code execution vulnerability in WPS Office. As soon as we learned the flaw, our security technology team analyzed the software codes and made an emergency fix. The analysis confirmed that the vulnerability exists in the international edition of WPS Office 2019, and the vulnerability number is CVE-2022-24934. The premise of the vulnerability exploited is to gain control of the device and modify the registry. Successful vulnerability exploitation may allow the malware downloads to harm the local device and data.
Currently, We have fixed the vulnerability, and users of WPS Office 2019 international edition can upgrade to the latest vulnerability fixed version through the official website of WPS Office at https://www.wps.com.
Kingsoft Office would like to thank Avast Threat Labs for collaborating with us to disclose the vulnerability to protect users of WPS Office. We have always taken product security research and development as our highest mission. We have established a scientific and quickly responded risk prevention and disposal mechanism. Our security technology team has also opened various feedback channels. If you or your company encounter any security problems when using Kingsoft Office products, please send us your feedback as soon as possible.
We will continue to work hard to provide more safe and high-quality products and services for the users. At the same time, we also welcome the supervision of users and media.
If you need, don't hesitate to contact the Kingsoft Office technical team email@example.com, Kingsoft Office engineers will provide you with technical support soon.
Kingsoft Office Security and Emergency Response Center
March 25th, 2022