HP Pushing Out a Fix for a Keylogger which Shipped on Several Laptop Models

Posted by at 11:01 am on May 12, 2017

Word went out¬†yesterday that several of HP’s laptop models dating back to December 2015 contain a keylogger as part of an audio driver provided by Conexant. Now HP has a fix for the issue. p

The keylogging issue was discovered by Swiss security firm ModZero. While the intent on behalf of Conexant was not malicious, the audio chip maker apparently took a poor approach of coding its audio drivers to monitor and record keystrokes to detect when a hotkey is pressed. This allowed users to press key combinations for things like turning a microphone on and off.

On affected laptops, key presses get recorded and stored in a plain text log file. Even though the logs are wiped clean whenever a user logs off, every keystroke is recorded while logged in, including personal communications, passwords, and so forth.

ModZero said it tried contacting HP and Conexant about the issue, but was shrugged off by HP Enterprise and flat out ignored by HP Inc. and Conexant. Due to not being will to work with them, ModZero  publish the information in accordance with its responsible disclosure process.

Now , HP has begun pushing out a patch through both Windows Update and its own website.

“HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue,” HP told ZDNet.

 

Leave a Reply

Sign Up For Our Newsletter

Sign up to receive breaking news
as well as receive other site updates

Enter your Email


Preview | Powered by FeedBlitz

Log in

Copyright © 2008 - 2020 · StreetCorner Media , LLC· All Rights Reserved ·