Keylogger Uncovered On Hundreds Of HP PCs

Keylogger Uncovered On Hundreds Of HP PCs

HP Hewlett Packard has issued an emergency patch to resolve a dri

Best VPN services of 2017: Reviews and buying advice
Google to Fully Distrust WoSign/StartCom SSL Certs in Chrome 61
Emergency Apple Patch Fixes High Sierra Password Hint Leak
screen-shot-2017-12-11-at-09-00-23.jpg

HP

Hewlett Packard has issued an emergency patch to resolve a driver-level keylogger discovered on hundreds of HP laptops.

The bug was discovered by Michael Myng, also known as “ZwClose.” The security researcher was exploring the Synaptics Touchpad SynTP.sys keyboard driver and how laptop keyboards were backlit and stumbled across code which looked suspiciously like a keylogger.

In a blog post, ZwClose said the keylogger, which saved scan codes to a WPP trace, was found in the driver.

More security news

While logging was disabled by default, given the right permissions, it could be enabled through changing registry values and so should a laptop be compromised by malware, malicious code — including Trojans — could take advantage of the keylogging system to spy on users.

“I messaged HP about the finding,” Myng said. “They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”

HP has acknowledged the issue. In a security advisory, HP said:

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners.

A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

A CVSS score of 6.1 has been issued, together with updated firmware and drivers for hundreds of laptops, both commercial and consumer.

Affected products include HP G2 Notebooks, the HP Elite x2 1011 G1 tablet, HP EliteBooks, HP ProBooks and HP ZBook models, among others.

The researcher said that a fix will also be included in Windows Update.

Back in May, security firm Modzero discovered a keylogger in the Conexant HD audio driver package, installed in dozens of HP devices. HP quickly rolled out a patch which resolved the issue, which could be used to collect data including passwords, website addresses, and private messages.

Previous and related coverage

Go to Source

COMMENTS