Sogou Input Method Vulnerability Can Bypass Password and Gain System Privileges

TapTechNews, August 5: According to CaiLian Press, some citizens have recently received notices from their work units requiring them to uninstall the Sogou Input Method. The vulnerability notification shows that some versions of the Sogou Input Method can be used to bypass the password and obtain system privileges. Sogou Input Method responded that the problem is caused by the Microsoft On-Screen Keyboard and other related programs actively loading the Chinese input method with a privileged interface.

According to a vulnerability notification from Shengbang Security in the National Information Security Vulnerability Database, on the Microsoft Windows operating system attackers can use some versions of the Sogou Input Method to bypass the system login password and execute CMD commands while the screen is locked, obtaining local system privileges.

It is understood that, through some remote control programs, attackers can use this vulnerability to directly reset the administrator password without knowing the username and password of the target machine.

The notification states that the vulnerability stems from the system running the Sogou Input Method with overly high privileges, which allows it to operate without authorization, and from the Sogou Input Method's own permission verification not being strict enough. After successfully exploiting the vulnerability, an attacker can execute any command on the target system.

The notification recommends watching for the manufacturer's update and upgrading promptly. Until a new version is officially released, it recommends uninstalling the Sogou Input Method and replacing it with another input method.

In response, Sogou Input Method said yesterday that, after an investigation by its security team, this problem only exists in a specific version of the Windows system and is caused by the Microsoft On-Screen Keyboard and other related programs actively loading the Chinese input method with a privileged interface. "We have notified the relevant Microsoft team of this system vulnerability."

"Before Microsoft fixes this vulnerability, to protect the user's safety more effectively, we have taken proactive avoidance measures: the Sogou Input Method will actively withdraw from loading and execution under the Windows login interface," Sogou Input Method added.

TapTechNews found that many tutorials on bypassing the lock screen are currently circulating on the Internet. These include one using the Game Center section of the Sogou Input Method, which can pop up the game center window directly on the Windows lock screen interface and open the QQ download interface. Downloading QQ opens the Windows system file manager, from which a CMD window can then be opened.
