2 min read

Audio Driver in HP Laptops Acts as Keylogger, Fix Available

Liviu ARSENE

May 12, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Audio Driver in HP Laptops Acts as Keylogger, Fix Available

HP laptops sporting an audio driver developed by audio chip maker Conexant were found recording all user keystrokes in an unencrypted file.

Security researchers found that some HP laptops are shipped with an audio driver that can record all keyboard activity and store the information locally and unencrypted in a file on the computer”s hard drive. While they believe that this was not an intended “feature” of the audio drive, it does raise serious security concerns as cybercriminals could leverage the existence of the file to gain access to sensitive information, such as passwords, authentication credentials, or any other data.

The driver”s original purpose was to “listen” for the activation of specific keys, but a debugging feature built into it allows for all keystrokes to be logged and saved in an unencrypted file, within a public directory. As a result anyone with local or remote access to the computer can view the complete history of keystroke activities.

“This type of debugging turns the audio driver effectively into keylogging spyware,” wrote the Swiss security researcher. “On the basis of meta-information of the files, this keylogger has already existed on HP computers since at least Christmas 2015.”

Although chip maker Conexant has yet to issue any statement on the matter, HP did state they”re aware of the situation and that the debugging feature implemented by the software developer should have not been included in the final shipping of the product.

“Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version,” said HP in a statement.

“HP has no access to customer data as a result of this issue. We have identified a fix and will make it available to our customers,” according to the company.

Damaged devices include HP Elitebook, Probook and Zbook laptops running Windows 7 or 10, but a full list of affected HP products can be found here. The unintended “feature” has already been assigned a CVE (CVE-2017-8360).

Users suspecting they may have the Conexant driver installed on their system can search for it themselves and remove it, along with the keylogging log file. Removing the MicTray.exe file (from the following locations: “C:\Windows\System32\” or” C:\Windows\System32\”) and the MicTray.log file, located in “C:\Users\Public\” will remove the keylogging “feature” of the driver.

HP has already issued a publicly available fix for the problem, available via Windows Update or from HP”s official website, addressing device models starting with 2016. For 2015 models, the fix will be available this week.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Common Credentials Criminals Use in IoT Dictionary Attacks Revealed Common Credentials Criminals Use in IoT Dictionary Attacks Revealed
Silviu STAHIE

November 30, 2021

3 min read
Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown Interpol Busts 1,000 Cyber Crooks and Recovers $27M in Massive Fraud Crackdown
Filip TRUȚĂ

November 29, 2021

2 min read
Social media firms will be forced to unmask online trolls, says Australia Social media firms will be forced to unmask online trolls, says Australia
Graham CLULEY

November 29, 2021

2 min read