It was revealed earlier this week that many HP laptops have code within the keyboard driver that acts as a key logger. Computer researcher Michael Myng discovered the code whilst poking around in the Keyboard driver code. His intent was not to look for security issues, but to control the keyboard backlight, but in his research he happened by some suspicious code. The driver is by Synaptics and is installed on most HP laptops. Myng notified HP and posted an extensive breakdown of his findings.
A key what now?
The reason this is a cause for concern is that key loggers log everything that you type. This includes usernames, passwords, credit card numbers, etc . An attacker could utilize the features of this software to record your personal information, and use it in fraud, or collect more information for a larger attack. The key logger is activated via a registry entry. While that requires elevated permissions, a knowledgeable attacker could easily figure out a way to do it, even remotely.
No spying or malice intended
Though the software could be used in a malicious manner, that was not the intent. According to HP it is a diagnostic tool known as a “Debug Trace”, and is not intended to spy on anyone. The keylogging is deactivated by default, and HP has stated that neither they nor Synaptics has access to users data as a result of this. To HP’s credit, responded to this vulnerability “terrifically fast”, as stated by Mr, Myng. HP have already issued patches to the keyboard driver. Check this list to see if your laptop is on it, and if so, patch it as soon as possible.
Déjà vu?
While HP gets credit for responding quickly to this incident, this is not the first time such a thing has happened. Earlier this year there was a key logger built-in to the audio drivers. You would think that after the first debacle they would make sure such a thing never happens again. Hopefully they learn from this one and looking the drivers they are installing. Especially drivers that come from a third-party.