Menu
Certain HP laptops are found recording users' keystrokes

Certain HP laptops are found recording users' keystrokes

An audio driver supplier called Conexant may have accidentally implemented the keylogging function

IDG

IDG

Over two dozen HP laptop models have been secretly recording users’ keystrokes, possibly by mistake, according to a Swiss security firm.

The keylogger is found within the PCs' audio driver software and has existed since at least Dec. 2015, the security firm Modzero said in a Thursday blog post.

The audio driver was designed to identify when a special key on the PC was used. But in reality, the software will capture all the keystrokes and write them in an unencrypted file located on the laptop.

In other cases, the keystrokes will be passed to a Microsoft Windows debugging interface on the PC, and expose them to possible capture, Modzero said.

“There is no evidence that this keylogger has been intentionally implemented. Obviously, it is a negligence of the developers,” the security firm said in its blog post.

Nevertheless, the keylogger still poses a security risk. Anyone, including malware writers, can look up what a user has been typing by exploiting the affected audio driver or looking up the log file created.

“Investigators with access to the unencrypted file-system might be able to recover sensitive data of historic key logs as well,” Modzero said.

In a short statement, HP said it was aware of the issue. "HP has no access to customer data as a result of this issue. We have identified a fix and will make it available to our customers," the company said.

According to Modzero, the audio driver is used in certain HP EliteBook, ProBook, ZBook models. A full list of affected products can be found here.

Fortunately, the software is easy to remove. It’s located at c:\Windows\System32\MicTray64.exe or C:\Windows\System32\MicTray.exe and can be deleted, although this may cause the special function keys on the laptop to no longer work.

The keystroke log file it creates should also be erased, and is located at C:\Users\Public\MicTray.log.

Modzero said the developer of the audio driver is a U.S. company called Conexant, which produces audio and voice related applications. Conexant did not immediately respond to a request for comment.

Modzero discovered the problem on April 28, but claimed that both HP and Conexant hadn't responded to the security firm's contact requests.

Thorsten Schroeder, CEO of Modzero, said other laptops from Dell, Lenovo and Asus don't appear to have the same problem.

But because Conexant appears to develop software for other hardware vendors, the keylogging issue may exist in other devices, he said in an email.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments