HP has already issued updated drivers to remove it

Dec 11, 2017 13:05 GMT

A keylogger that can help record pretty much every keystroke on the computer has been discovered on HP’s devices, with a security researcher revealing that hundreds of laptop models come with this hidden software pre-installed.

Michael Myng says in an analysis of the keylogger that the malicious code is hiding in the Synaptics Touchpad software and he actually discovered it when looking into ways to control the keyboard backlight on his laptop.

According to his findings, the keylogger isn’t activated by default, but it can be turned on by any cybercriminal who gains access to the system. The list of affected models includes hundreds of laptops in lines like EliteBook, ProBook, Spectre, ZBook, Envy, and Pavilion.

Drivers updated to remove the keylogger

HP has already released updated drivers to remove the keylogger from its devices, explaining in an advisory that no information was collected from users’ systems.

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue,” HP says in a technical support document dated November 7.

The company adds that the keylogger was originally developed with telemetry purposes in mind, as it was integrated into Synaptics software in order to collect debug information and help correct errors.

The update is being distributed via Windows Update and the patch should already be there on HP devices. To check the full list of impacted devices, as well as the driver version that removes the keylogger, consult the HP list available in the linked support document page.

This isn’t the first time keyloggers have been found on HP laptops. Earlier this year, it was discovered that models like EliteBook, ProBook, and ZBook shipped with a pre-installed keylogger injected into the audio driver that was capable of recording every typed word. At that time, HP said pretty much the same thing as in this new case, explaining that it was added by mistake and that access to customer data was not available.