Researcher finds keylogger on HP laptops

Posted December 12, 2017

The keylogger was discovered by security researcher Michael Myng in software drivers that came installed on the laptops within Synaptics keypad software, the BBC reported.

HP has since publicly acknowledged that the keylogger software is present in a large number of its laptops and has published a full list of affected models.

Last week BleepingComputer covered how some HP laptops have a keylogger, or really a debug trace, in a certain version of the the Synaptic keyboard driver.

Before the issue was publicly disclosed, HP owned up to the mistake of leaving this tool inside of its laptops, and on November 7 posted device-specific patches for most of the models affected, which can be downloaded here. He took a look at the driver - which was made by Synaptics - and discovered the disabled keylogger as he was checking it out. That means a hacker would need physical access to an affected HP laptop to enable the keylogger.

Myng also wrote about HP's swift action upon learning of the issue: "So, I messaged HP about the finding".

Thankfully, there's already an updated driver available that removes the vulnerability. These devices include those from the EliteBook, Spectre, Pavilion, and Envy ranges, among others.

The firm has issued a patch for 173 commercial and 293 consumer products and ZwClose says that a patch will be delivered via Windows Update as well.

At press time, HP had not responded to a request for comment regarding this issue. Once you have that, scroll down the security bulletin until you find your model and download the accompanying update. The company provided a list of models affected.

'These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers. You should also be able to install it automatically via the HP Support Assistant app on your device.