HP rolls out patch to fix keylogging bug in certain laptops

Otis Hoffman
May 13, 2017

More than two dozen HP laptop models, including the EliteBook, ProBook and ZBook, have an bug in the audio driver that will act as a keylogger, a Swiss security firm said Thursday. But in reality, the software will capture all the keystrokes and write them in an unencrypted file located on the laptop.

"This type of debugging turns the audio driver effectively into a keylogging spyware", it said.

HP issued a security update "for some of the affected models" yesterday, says the Daily Telegraph.

The log file itself is overwritten every time the computer is booted up but with system backups, an ongoing complete history of user keystrokes would be available. The file is wiped when you log out of your computer, but if you never do that, or if you have rigorous backups like you're supposed to, everything you've written could be recorded, including any passwords you type in. Monitoring of keystrokes is added by implementing a low-level keyboard input hook [1] function that is installed by calling SetwindowsHookEx (). "Obviously, it is a negligence of the developers - which makes the software no less harmful". Anyone, including malware writers, can look up what a user has been typing by exploiting the affected audio driver or looking up the log file created.

Thames hits 13th HR, Brewers outslug Red Sox in 11-7 win
The Red Sox's sloppy defense contributed to a four-run fifth inning for the Brewers that put the game out of reach for Boston. In ESPN leagues Broxton is owned in just 23.4% of leagues, meaning that he's likely available for you to scoop up.

All users of HP computers should check whether the program C:\Windows\System32\MicTray64.exe or C:\Windows\System32\MicTray.exe is installed.

A company spokesperson also assured the public that HP has had no access to the keylogger tool and any passwords or other details recorded by the driver were not seen by anyone at HP.

HP has said it is aware of the issue.

The keylogger is included in a device driver developed by Conexant, a manufacturer of audio chips that are included in the vulnerable HP devices.

Cahill eager to get Chelsea title party started
Chelsea's Diego Costa celebrates scoring against Middlesbrough at Stamford Bridge stadium in London , Monday, May 8. Antonio Conte wants Chelsea to claim the Premier League title at the first opportunity at West Brom on Friday.

ModZero recommends users delete or rename the executable files so that no keystrokes are recorded anymore.

"There was some debugging code in the audio driver that was mistakenly left there", he said.

Not only that, but Modzero's investigation reveals that the most recent version - 1.0.0.45 - implements the logging of all keystrokes into the file "C:\Users\Public\MicTray.log", which can be read by anyone able to access the PC.

HP has yet to return our request for comment.

Every Virginia Tech sport makes the grade in latest APR release
It's the first Virginia Tech sport to fall below a multi-year April of 940 since the wrestling team had a score of 901 in 2008-09. Ten of OSU's 15 programs demonstrated a positive trend by either matching or outperforming their multi-year rate in 2015-16.

Other reports by Info About Network

Discuss This Article

FOLLOW OUR NEWSPAPER