The SOGO Keyboard Vulnerability

Researchers at the University of Toronto took a closer look at the SOGO input method which is a custom keyboard that is produced by Chinese company Tencent. Tom Paul with LMG security found this vulnerability reported it to a Dell about three months ago as of yet a Dell has not fixed the vulnerability but today published advisory stating that administrators should alter the root password. A patch for this issue is expected in November.