HP Issues Fix For Laptops That Accidentally Logged Every Keystroke – Forbes
Keeping the software installed on your computer fully updated should be a good thing. It’s supposed to make it harder for the bad guys to compromise your system by patching vulnerabilities. Sometimes, however, those updates introduce all new problems, and sometimes they’re quite severe.
That’s what some HP laptop owners were warned about this week. Just a few days ago, researchers with the Swiss cybersecurity firm Modzero revealed that they had discovered a serious issue with the audio driver package that was installed on certain Elitebook, Probook, Zbook, and Elite x2 models. One of the files that came bundled with the driver, mictray64.exe, was saving every single keypress on the affected laptops to a plain-text file.
It’s easy enough to see why that could be dangerous. Every password you type, every secret question you answered, every credit or debit card number you enter into a checkout form could have been recorded. Even though it’s only truly dangerous if that file winds up in the wrong hands, it still might leave you scratching your head and wondering why something to do with the sound system on your laptop was monitoring your typing in the first place.
Most laptops have several hotkeys on them to make it easier to do things like increase or decrease the screen brightness or adjust the volume without having to resort to moving the pointer around. To map those keys to the appropriate actions, software on the system needs to pay attention to what you’re pressing.
The faulty driver on these HP systems, however, took that to the extreme. So what went wrong? According to HP, the broad keylogging functionality had been enabled while the new audio driver was being tested. Somewhere along the line the “switch” that turned it on didn’t get turned back off, and users who downloaded and installed the new driver wound up with a rather nasty (albeit accidental) security issue.
HP has already released a new version of the driver that fixes the bug. To find out if your system was affected, have a look at HP’s security bulletin. If your model is on the list, download the updated driver from HP and install it. You may also want to delete the file C:UsersPublicMicTray.log just in case keystrokes were be logged.
I’ve reached out to HP for comment and will update this post with any information they provide.