It was only eight months ago that a keylogger was found in an audio driver on HP laptops, and the company had to fix it. It would seem that the firm hasn't learned from that mistake, as a similar situation is happening today.
This time, the affected driver is the Synaptics touchpad, and it can be found in over 460 HP laptops that came out as far back as 2012. These devices include those from the EliteBook, Spectre, Pavilion, and Envy ranges, among others. You can find the full list of affected laptops here.
The keylogger itself should be disabled by default, although it's still a major security vulnerability. A third party could gain administrative privileges to activate it. As HP describes it:
A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.
In order to install the fix on your machine, you can check the security bulletin that we linked to above, where each machine's individual new driver is listed. You should also be able to install it automatically via the HP Support Assistant app on your device.
18 Comments - Add comment