The US manufacturer HP currently has no success in terms of security, even if the company only partially, if at all, can do something.Now it became known that on many notebook models a keylogger was installed (not for the first time this year).However, this was disabled by default and has now been removed by an update.

HP Keylogger

Last week, a security researcher known only by his Twitter name @ZwClose said he had discovered a keylogger in HP’s SynTP.sys file. A keylogger is a program that captures and stores all keystrokes. Although this is not necessarily harmful, can also be quite abusive used, for example, to access login data or passwords.
Also Read: HP Denies Claims That It Has Installed Spyware On Its PCs

In the case of HP it has come to no abuse, HP assures. The keylogging code was therefore included in the mentioned SynTP.sys file, which in turn is part of the Synaptics touchpad driver, which comes with numerous HP notebooks. According to Hacker News, the software was found on around 460 models.

Also Read: HP Has Been Accused Of Installing Spyware On Its Computers

Although the keylogger is disabled by default, hackers could turn it on by changing a registry value and using open source tools to bypass user account control. The registry key is located in the following locations:

  • HKLM \ Software \ Synaptics \% Product Name%
  • HKLM \ Software \ Synaptics \% Product Name% \ Default

Also Read: Meg Whitman Will Resign As The CEO Of HP Soon

The discoverer of the keylogger, according to their own information was already reported to HP last month. The company has then confirmed this. However, the manufacturer has stated that this is just a debug remnant that has been erroneously left behind. Meanwhile, the code has been removed from the driver, HP said that neither you nor Synaptics had access to customer data. A driver update is already available, the list of affected notebook models can be found on an HP website.

Source

Leave a Reply