Security researchers have found that around 460 HP notebook models contain a hidden keylogger that can lead to a “local loss of confidentiality” when accessed by a malicious user. HP has confirmed the vulnerability and released a security bulletin to help users patch the loophole. The company has also released a list of affected devices, with some dating back back to 2012.
Security researcher Michael Myng found the keylogging code in software drivers that come pre-installed on HP notebooks. The notebook models that have the keylogger code includes the members of Envy, EliteBook, ProBook, Spectre Pro, Stream, and Pavilion series, among various others. Myng discovered that the secret code is disabled by default but can be enabled by modifying a Windows Registry value on the system, after which everything that’s typed on the device is logged.
Explicitly acknowledging the vulnerability, HP stated in a summary dated November 7 that the keylogger code is part of certain Synaptics touchpad driver versions. The company even mentioned that the loophole impacts other Synaptics OEM partners as well. “A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue,” the company states while summarising the vulnerability.
You can check the existence of the keylogger code on your HP notebook by visiting the HP Security Bulletin page. You just need to update the driver available for your notebook model to remove the vulnerability.
This is not the first time when a keylogger has been discovered on HP machines. In May, a Swiss security researcher ModZero spotted a keystroke-recording code in several HP notebook models. Microsoft wireless keyboards in 2015 were also reported to be vulnerable to a hardware keylogger that could sniff keystrokes.