HP Fixes Keylogger Hole on Laptops

Tuesday, December 12, 2017 @ 02:12 PM gHale

A keylogger ended up discovered on a driver used in Hewlett Packard (HP) laptops and the computer giant quickly cleared up the issue.

But this was not the first time as earlier this year a Swiss security firm modzero AG found a keylogger in Conexant HP audio drivers that stored records of keystrokes in a file in the public folder, unencrypted.

Tool can Recover Hacked Event Logs
Cybersecurity Framework V1.1 Publishes
Framework Publishes for Cyber-Physical Systems
DHS’ Cyber Threat Info Sharing Needs to Improve

The second time around, the keylogger ended up discovered by security researcher Michael Myng ( “ZwClose”) while he was going through the Synaptics Touchpad SynTP.sys keyboard driver.

“The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required),” he said in a blog post.

Setting the required registry value can be easily performed by malware, which can then use the keylogger to harvest sensitive information entered by the user.

Myng reported his finding to HP. “They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace,” he said.

This was almost a month ago. HP said “neither Synaptics nor HP has access to customer data as a result of this issue.”

Over 460 HP laptops were affected by the flaw.

Along those lines, HP said the vulnerability affects all Synaptics OEM partners.

Leave a Reply

You must be logged in to post a comment.