HP Patches Hundreds of Laptops to Remove Hidden Keylogger

In November 2017 Hewlitt Packard revealed that nearly 500 of its notebooks dating as far back as 2012 were shipped with a secret keylogger installed. Before the issue was publicly disclosed, HP owned up to the mistake of leaving this tool inside of its laptops, and on Nov. 7 posted device-specific patches for most of the models affected, which can be downloaded.

Hopefully, the tool was already removed from your notebook, as Microsoft bundled those patches into the November Windows update, but if you have any concerns feel free to get in contact.

Security researcher Michael Myng discovered the keylogger when probing the Synaptics touchpad software on an HP laptop. HP’s security bulletin says the “potential security vulnerability” affects all laptops with “certain versions of Synaptics touchpad drivers”— not necessarily just HP models. The keylogger is disabled by default, however.

“A party would need administrative privileges in order to take advantage of the vulnerability,” the bulletin states. “Neither Synaptics nor HP has access to customer data as a result of this issue.” HP told Myng that the keylogger was a debugging tool.

The same security bulletin includes separate software updates for every HP laptop loaded with the keylogger, and HP says you should install those updates “as soon as possible.”

For the original article please go here.