Hundreds of HP Laptops, Tablets Found with Pre-Installed Keylogger

A security researcher has found that hundreds of different models of HP notebooks, tablets and other devices include a keylogger that could track and record every keystroke a user makes. Linked to touchpad drivers made by Synaptics, the keylogger is disabled by default and can be fixed with security patches released by HP last month.

The keylogger was discovered by security researcher Michael Myng, who publicly disclosed his findings in a blog post Thursday. In his post, Myng said that he messaged HP about his discovery and the company responded quickly by confirming the issue and releasing a software update to resolve the problem.

HP said neither it nor Synaptics "has access to customer data as a result of this issue." However, after a registry change, the keylogger could enable a malicious actor to monitor a user's keyboard activity.

More than 450 Affected Devices

Writing under the handle "ZwClose," Myng said he discovered the keylogger after an associate asked whether he could find a way to control the keyboard backlighting on an HP laptop. When he opened the keyboard driver SynTP.sys, Myng said he noticed "a few interesting strings," in particular, one that looked like a format string for a keylogger.

"I messaged HP about the finding," Myng said. "They replied terrificly [sic] fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace."

In a Nov. 7 security update, HP provided links to software patches for more than 450 products, including multiple models of the HP Notebook, HP EliteBook, HP Mobile Thin Client, HP ProBook, HP Spectre Pro and HP ZBook Mobile Workstation. The company said that affected users should install the appropriate update for their devices as soon as possible.

Second Keylogger Issue this Year

"A potential security vulnerability has been...

Comments are closed.