Preinstalled software has been discovered on HP laptop models, that could have been recording every letter and keystroke on users’ keyboards.
The keylogger security flaw was discovered by researcher Michael Myng, who found a hidden software could be present in over 460 different HP laptop models – including the EliteBook, ProBook, Pavilion and Envy ranges.
Fortunately, for everyone concerned, the keylogger was found to be in a deactivated state, and a by-product of a system driver originally used during the testing phase.
However, the left over flaw, present is some laptops from as far back as 2012, could have represented serious privacy concerns. However, anyone wishing to take advantage of the security issue would have to have physical access to a user’s laptop and also administrative rights.
HP have now issued a patch that removes the issue, and have been praised for the their fast reaction once they were made aware of the problem. That said, it is the second time this year that HP has had to issue an emergency patch for its laptops.
HP said more than 460 models of laptop were affected by the “potential security vulnerability”. The issue affects most laptops in the EliteBook, ProBook, Pavilion and Envy ranges, alongside others. The full list of exactly what laptops are and aren’t affected, can be found, here.
HP’s advisory stated that the vulnerability “impacts all Synaptics OEM partners… Neither Synaptics nor HP has access to customer data as a result of this issue… A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”
Anyone who owns a HP laptop has been strongly urged to check whether their model laptop is affected and update their system as soon as they can.