A security researcher has discovered a keylogger in the keyboard driver of HP that could potentially be abused by malware. The keylogger was found inside the driver of the Synaptics Touchpad that is installed on hundreds of HP laptop models, potentially affecting millions of users.
The security researcher goes by the alias ZwClose on Twitter, the place where he reported to have found a keylogger in the file SynTP.sys.
Oh well. Keylogger in HP's SynTP.sys. Off by default. Vendor contacted. Fix released and pushed. Blog post is on the way.
— ZwClose (@zwclose) December 6, 2017
While the keylogger was disabled by default, a simple change in the Windows Registry could enable it. ZwClose warned HP about the issue. The company quickly replied and confirmed the existence of the keylogger code. HP claims the keylogger was used for debugging purposes and was accidently left in the driver.
HP has released an update to remove the code from the driver.The update can be downloaded from HP’s website and through Windows Update. The HP website also has a list of affected laptop models. The list contains about 500 different models.
According to HP’s statement on the issue also laptops of other vendors might be affected as HP writes, “A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners.”
The company also claims that both HP and Synaptics didn’t get any access to customer data.
It’s the second time this year a keylogger was found on HP’s laptops, previously a keylogger was found in audio drivers used on HP devices.