Yet another HP Keylogger

Previously, Hewlett Packard had a keylogger embedded in their audio driver and now there’s one found in their synaptics keyboard driver. This driver can be found on most modern HP laptops.

Vulnerability Details

Security researcher Michael Myung discovered the keylogging code in the keyboard driver while trying to control the keyboard back-light. The code looks for a registry key and if it exists, starts logging keystrokes. When contacted, HP confirmed that the keylogging code was present and have immediately released an update that removes the code. The code was intended for debugging purposes only but an attacker who had access to the victims registry would be able to leverage this debug code to steal account information, logins and so on.

Business Impact

On a scale of “critical” to “benign”, I’d rate this as mostly harmless. For the attack to be utilised, the attacker needs write access to your registry already and if they have that level of access, you’ve probably got more things to worry about. That said, you always want to reduce your attack surface, so it’s recommended you update your drivers immediately.

Remediation

Affected models and the updates for them are available on HP’s website. We will be scanning for affected models on all of our clients computers shortly and notifying those that need to take action.

If you’re not a client of ours already and you’d rather worry about making more money than keeping your systems patched, you should contact us and ask about our managed services offerings.

Most Recent:

Random Pick:

New PC’s can only run Windows 10

This “experience update” from Microsoft represents a big change in policy. Microsoft say a new PC will only run Windows 10 To summarize Microsoft’s post: On some computers support

Read More »