WPS Office for windows is dealing with a certain OLE mechanism remote code vulnerability

Vulnerability description:

WPS office software is an office software suite independently developed by Kingsoft Office Software Co., Ltd. It can realize the most commonly used text, tables, presentations and other functions of office software, covering windows, macos, Linux, android, iOS and Hongmeng, etc. platform
WPS There is a logic vulnerability when Office for Windows handles a certain type of OLE (object linking and enbedding) in Chinese called "Object Linking and Embedding"). Attackers can use this vulnerability to specifically construct malicious PPS and PPSX documents (a kind of open and displayed presentation format), if the user moves the mouse or clicks on the corresponding OLE area while playing the document after opening it, the malicious code will be downloaded from the remote server through the Internet and executed.

Affected versions:

name of software platform version number
WPS Office 2019 Personal Edition Windows Lower than 11.1.0.12116 (inclusive)
WPS Office 2019 Enterprise Edition Windows Lower than 11.8.2.11707 (inclusive)

Impact of the vulnerability:

There is a logical vulnerability in WPS office for windows when processing a certain type of OLE (object linking and enbedding), which is called "object linking and embedding" in Chinese). An attacker can use this vulnerability to specially construct a malicious PPS or PPSX document (a kind of opening that screened presentation format).
In a common attack scenario, the user receives a malicious code-containing or "obstructed" document (a presentation format that is opened and played). If the user moves the mouse or clicks on the corresponding OLE area after opening the document and playing it, it will The malicious code is downloaded from the remote server through the Internet and executed. At this time, the backdoor program is downloaded and placed in the system startup directory. The attacker then controls the user's computer when the user restarts the computer.

Upgrade plan:

If you are using a customized version of WPS office, please contact our technical engineers to obtain the latest version.
If you are using the personal or enterprise version of WPS office, you can obtain the latest version through https://www.wps.cn to upgrade.

Original article by SnowFlake, if reproduced, please credit https://cncso.com/en/wps-office-for-windows-ole-rce-html

Like (1204)
Previous July 26, 2022 6:01 pm
Next August 15, 2022 12:00 am

related suggestion