HP Laptops, HP G2 Notebooks Affected by Driver-Level Keylogger
NEWS

HP Laptops, HP G2 Notebooks Affected by Driver-Level Keylogger

Security researcher Michael Myng also known as ZwClose discovered a driver-level keylogger on HP laptops. The bug has been now solved via an emergency patch issued by Hewlett Packard. Hundreds of HP laptops were affected, including HP G2 Notebooks, the HP Elite x2 1011 G1 tablet, HP EliteBooks, HP ProBooks and HP ZBook models.

Official description of the vulnerability:

A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.

Related Story: SonicSpy Android Spyware Generates over 1000 Apps

Myng came across the keylogger while exploring Synaptics Touchpad SynTP.sys keyboard driver

He analyzed the way keyboards were backlit and came across some weird looking code that resembled a keylogger. “HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required),” the researcher wrote.

Even though logging was disabled by default, it could have been enabled via altering registry values which could have led to the laptop being compromised by malicious software. Trojans and other forms of spyware, for examples, are very likely to leverage keylogging to spy on unsuspecting users.

Fortunately, HP was very swift to respond. Shortly after the researcher messaged the company about the issue he found, they replied by confirming the presence of the keylogger. However, the keylogger turned out to be a debug trace which was adequately removed via the update HP already released.

The patch will also be added to Windows Update.

Not the first time HP features keylogger in their products

This is not the first time such a component was found in HP products. Back in May, security researchers from security firm Modzero unearthed a built-in keylogger in an HP audio driver while examining Windows Active Domain infrastructure.

Related Story: Researchers Find Built-In Keylogger in HP Audio Driver

The initial purpose of the software appeared to be to recognize whether a special key has been pressed or released. The software however was tailored and the developer, Conexant, added a number of diagnostic and debugging features. The features were there to ensure that all keystrokes “are either broadcasted through a debugging interface or written to a log file in a public directory on the hard-drive”. Interestingly, this type of debugging literally transforms the audio driver into a keylogger, which is nothing but a form of spyware.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

1 Comment

  1. Sean Gabel

    The keyloggers have been detected in laptops as latest as 2017. I don’t understand why these companies try to make the fool out of people and think they can get away with that.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...