HP’s Built-in Keystroke Logger

Many HP laptops have a built-in keylogger in their audio drivers according to computer security firm Modzero AG (via Ars’ Dan Goodin). Keyloggers record what you type, typically covertly, for the purposes of someone else getting access to that text data later on. In this case the researches did not find any malicious capability in the driver that uploads the recorded text to a remote location, but it is very easy to access the data coming out of the driver by anyone who has access to your computer.

It would make it very easy for a piece of malware on your computer to track what you type without jumping through extra steps.

That HP shipped this audio driver on their laptops to thousands or millions of customers since 2015 is very worrying.

You can test your HP laptop for this vulnerability by checking the list of affected models after the break or just delete these files if they’re installed on your computer:
C:\Users\Public\MicTray.log
C:\Windows\System32\MicTray64.exe
C:\Windows\System32\MicTray.exe

Continue reading “HP’s Built-in Keystroke Logger”