HP laptops come with keylogger in the audio driver

Posted 11 May 2017 17:27 CEST by Kerry Brown

A potential keylogger has been found by security researchers in many Hewlett Packard laptops.  The Swiss security firm modzero found the vulnerability in April and have released details to the public today.

The keylogger was found within the pre-installed Conexant HD Audio Driver Package version 1.0.0.46 and earlier.  Within that package, there is one file called MicTray64.exe (C:\windows\system32\mictray64.exe), which is scheduled to start every time a person logs on to their computer.  The file monitors every keystroke, and is intended to react to hotkeys for for certain functions, like muting and un-muting the microphone.  Other programs work in a similar manner, but the issue with this one is the fact that it logs everything to a local file found at C:\users\public\MicTray.log.

In effect, it is creating a record of everything done on the computer, including passwords and sensitive material.  If you make incremental backups on an HP laptop with this audio driver, you are also making a continual record of everything typed on the computer over months of time.

Modzero researchers say that they have found the audio driver on 28 models of HP laptops.  The only way to counter the vulnerability is to remove the MicTray64.exe file.

 

   HP EliteBook 820 G3 Notebook PC
   HP EliteBook 828 G3 Notebook PC
   HP EliteBook 840 G3 Notebook PC
   HP EliteBook 848 G3 Notebook PC
   HP EliteBook 850 G3 Notebook PC
   HP ProBook 640 G2 Notebook PC
   HP ProBook 650 G2 Notebook PC
   HP ProBook 645 G2 Notebook PC
   HP ProBook 655 G2 Notebook PC
   HP ProBook 450 G3 Notebook PC
   HP ProBook 430 G3 Notebook PC
   HP ProBook 440 G3 Notebook PC
   HP ProBook 446 G3 Notebook PC
   HP ProBook 470 G3 Notebook PC
   HP ProBook 455 G3 Notebook PC
   HP EliteBook 725 G3 Notebook PC
   HP EliteBook 745 G3 Notebook PC
   HP EliteBook 755 G3 Notebook PC
   HP EliteBook 1030 G1 Notebook PC
   HP ZBook 15u G3 Mobile Workstation
   HP Elite x2 1012 G1 Tablet
   HP Elite x2 1012 G1 with Travel Keyboard
   HP Elite x2 1012 G1 Advanced Keyboard
   HP EliteBook Folio 1040 G3 Notebook PC
   HP ZBook 17 G3 Mobile Workstation
   HP ZBook 15 G3 Mobile Workstation
   HP ZBook Studio G3 Mobile Workstation
   HP EliteBook Folio G1 Notebook PC

The original report from modzero can be found here.



Myce.com settings

Several settings at Myce.com can be changed, they are stored in cookies, which means they will be reset if you clear Myce.com cookies

Background

Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here

Layout

Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page

×