HP isn't doing too well on the security front recently. Last month the company was accused of quietly installing spyware on Windows PCs. This month, a keylogger has been found on over 460 different models of HP laptop.
The keylogger was discovered by security researcher Michael Myng, who was looking at the keyboard driver SynTP.sys in an attempt to figure out how to control HP's laptop keyboard backlight. What he found was a keylogger capable of recording every keystroke made by a user. Thankfully, the keylogger is disabled by default, but a simple registry value change would enable it, meaning it counts as a "potential security vulnerability" a hacker could take full advantage of.
As the BBC reports, HP has issued a software patch to remove the keylogger, which is present in the Synaptics touchpad driver. HP points out that enabling the keylogger would require administrative access, therefore limiting the threat. However, there are over 460 models of HP laptop affected, including those in the EliteBook, ProBook, Pavilion, and Envy ranges, and the keylogger has been present since 2012. The software patch support page lists all models carrying the disabled keylogger.
If you're wondering why HP allowed a keylogger to ship on so many laptops for so long, it looks to be a simple oversight. It was originally installed with the driver to act as a debugging tool checking for errors in the Synaptics software. It was then disabled, but never removed. That's quite dangerous in 2017 when hackers will grab any opportunity they can find in hardware used by millions of people.