|Photo by: CC0 Public Domain via Max Pixel|
Security researcher Michael Myng discovered a keylogging code in HP’s pre-installed software drivers, claiming that it may lead to a loss of confidentiality of the gadget. This has also been confirmed by HP and they have already released a patch to help users solve the vulnerability.
According to Myng, the notebook models with the keylogger code can potentially record everything that the users will type and it will pose privacy and security threats to several users. The bug, which exists in Synaptics touchpad drivers, has already been addressed by HP. It issued a statement that users of affected notebook models just have to update their driver and the vulnerability will be removed.
In HP’s Customer Support Security Bulletin, it wrote: “A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners.” The statement adds that in order to take advantage of such vulnerability, administrative privileges are required.
HP has also published the list of impacted software versions and devices, with some affected HP notebooks includes those released in 2012.
This is not the first incident where a keylogger has been found on an HP machine. Last May, a security researcher from Switzerland also spotted a keystroke-recording bug, ModZero.