1 min read

HP laptops found carrying keylogger in Synaptics touchpad driver

Filip TRUȚĂ

December 13, 2017

HP laptops found carrying keylogger in Synaptics touchpad driver

For the second time this year, Hewlett Packard (HP) computers have been found vulnerable to hacker attacks due to leftover debugging code that developers forgot to delete before shipping.

A researcher using the Internet handle “ZwClose” recently discovered what was essentially a keylogger in the Synaptics Touchpad driver used in almost all HP laptops, as well as laptops produced by other companies.

HP acknowledges the discovery and offers a vague outline in a security advisory.

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners,” reads the document. “A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

ZwClose makes it clear that the debug trace, while turned off by default, could easily be enabled by setting a simple registry value. Since the keylogger saves scan codes to a WPP trace, it makes for an attractive vulnerability that hackers might try and exploit.

HP has since provided software updates for Synaptics touchpad drivers. The affected HP products are listed in the security advisory, with the designated patch next to the model name. HP is updating the document with new “softpaqs” as they become available.

In the meantime, you can visit the table and fetch the new Synaptics touchpad drivers for your respective model.

Since the vulnerability affects all Synaptics OEM partners, users of other laptop brands should expect patches to come their way.

One way to check if your laptop uses Synaptics touchpad technology is to open an Explorer window, right-click This PC, choose Properties, and select Device Manager from the list of services in the left pane. Scroll down until you see Mice and other pointing devices and expand the section to reveal the vendor. If you see a Synaptics reference, chances are your device model is affected.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Do Mobile Security Solutions Really Work or Are They a Scam? Do Mobile Security Solutions Really Work or Are They a Scam?
Filip TRUȚĂ

September 17, 2021

2 min read
Microsoft Drops Password Authentication for Most Products Microsoft Drops Password Authentication for Most Products
Silviu STAHIE

September 16, 2021

1 min read
Apple Rolls Out Urgent Patch for Zero-Day Flaws in iOS, macOS and watchOS Apple Rolls Out Urgent Patch for Zero-Day Flaws in iOS, macOS and watchOS
Filip TRUȚĂ

September 14, 2021

2 min read