Who is responsible for security? Application or operating system? Security Vulnerabilities in Google input methods

Some time ago, the security vulnerability of Google's input method in Windows Vista was booming. Many users have such questions from csdn, Microsoft and Chinese colleagues I know? Is this a Google input method implementation problem or a Windows Vista system vulnerability?

We know that in windows, Applications Program All must be run under the corresponding user account. For example, if you log on as a common user and execute an application, the running permission of the program is your user permission. Applications running on Common User Permissions cannot perform certain special system operations, such as modifying important system configurations and installing device drivers. According to this principle, the input method should also run under the permissions of the corresponding logon user. However, in a special case, the input method needs to be displayed on the logon screen after the system is started. At this time, because no user has logged on to the system, the input method can only run under the Winlogon account, that is, the system account ). If the input method does not check the current machine status (logon interface status), you can use it to enable IE or other functions, which may cause a security vulnerability. This is the reason for Google's security vulnerability in Windows Vista. Microsoft's IME has also made this mistake. See security vulnerability MS00-069, http://www.microsoft.com/technet/security/Bulletin/MS00-069.mspx Input Method Editors (IMES) enable character-based versions ages such as Chinese to be entered via a standard 101-key keyboard. when an IME is installed as part of the system setup, it is available by default as part of the logon screen. in such a case, the ime shoshould recognize that it is running in the context of the LocalSystem and not in the context of a user, and restrict certain functions. however, the ime for simplified Chinese does not correctly recognize the machine state, and exposes inappropriate functions as part of the logon screen. as a result, a malicious user who had access to either a physical keyboard or a Terminal Server session on an affected machine cocould gain LocalSystem privilege even without logging onto the machine. Speaking of this, does it mean that the operating system has no responsibility at all? In the current Windows login architecture, each IME implementation is responsible for security checks and has determined whether some functions can be activated by users. Is it possible for the operating system to ensure that, if the machine is in the login status, specific functions (such as enabling Internet authentication E) should be blocked? Speaking of this, it does not make much sense to argue whether Google is responsible for security vulnerabilities of Google input methods or Microsoft. Security is an overall feature. Applications and operating systems must be designed and implemented. The development of the operating system will provide more and better security support. For example, for a security vulnerability such as cache overflow, windows first implements the software Dep function, or if hardware supports the hardware DEP, this will greatly reduce the risk of cache overflow in applications. However, no matter how the operating system develops, the applications running on the operating system must be used together to ensure an end-to-end security solution. This is why security development cycle (SDL) should be promoted in the industry.