Hewlett Packard has been forced for the second time this year to issue an emergency patch for pre-installed keylogger software.
Hewlett Packard has come up with an emergency fixture to find a solution to a driver-level keylogger revealed on a large quantity of HP laptops. Michael Myng discovered the bug, and is also known as “ZwClose.” The security researcher was discovering the Synaptics Touchpad SynTP.sys keyboard driver and how the keyboards of the laptop were backlit and repeated mistakes across code which considered doubtfully like a keylogger.
ZwClose also said the keylogger which protected scan codes to a WPP trace, was based in the driver. While the logging was inactivated set by default, fixed the right permissions, it could be allowed through altering registry values and so should a laptop be cooperated by malware, intended to do harm code containing Trojans could capture the benefit of the keylogging system to detect on users.
“I messaged HP about the finding,” Myng said. “They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”
HP has acknowledged the issue. In a security advisory, HP said:
“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”
Together CVSS score of 6.1 has been issued with updated firmware and drivers for a large number of laptops, both commercial and consumer. The marked products contain HP G2 Notebooks, the HP Elite x2 1011 G1 tablet, HP EliteBooks, HP ProBooks and HP ZBook models.
The researcher stated that a patch will also be incorporated in Windows Update. A security firm Modzero revealed a keylogger in the Conexant HD audio driver package back in May 2017 and installed in a large number of HP devices. Hewlett Packard rapidly rolled out a fix which analyzed the issue, which could be utilized to gather data containing passwords, website addresses, and private messages.