A number of HP laptops come with a nasty accidental hidden ‘feature’, in the form of a keylogger which records the user’s typed input – although the issue has now been patched by the company.
You’ll Never Guess What They Found On Some HP Laptops
According to security firm Modzero, the keylogger is apparently buried in a Conexant audio driver, and it monitors keystrokes, recording keyboard input in a log file. Anyone who can access that file on the physical PC itself, or indeed pull off tricks to access it with malware, can potentially grab data such as typed passwords and so forth.
What makes this worse is that business laptops are mainly affected, and these devices are built around security – because obviously an organisation’s corporate data is a very precious resource.
When the bug was discovered, Modzero’s suggested workaround was to “delete MicTray executables and log files” (although that will obviously impair the function of your laptop to some degree).
HP also clarified that it didn’t get any access to customer data as a result of this problem. In a statement, the company said: “HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue. Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version.”
This sort of glaring hole sneaking into third-party drivers is certainly something HP will want to avoid in the future.