HP updates driver, fixes keylogger issue
The keylogging function has been present since an updated driver version released in December 2015
HP has updated its audio drivers to fix the keylogger issue that was discovered last week. According to the reports, security researchers discovered that 28 HP laptop and PC models shipped with an audio driver that behaved differently than intended. The driver was collecting all keystrokes instead of just detecting when the user was trying to mute and unmute the audio.
“Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version,” HP said in a statement.
The keylogging function has been present since an updated driver version released in December 2015, although the log file only appeared with the October 2016 update.
The updated version 10.0.931.90 has been released, which fixes the problem. To get the update, users need to visit hp.com and search for the latest audio driver for their device model.
The anomaly was first discovered by Modzero, a Swiss security firm, which warned last week that an app preinstalled on many HP devices featuring a Conexant audio driver was logging keystrokes to a file that could easily be grabbed if the device became infected. The keystrokes were then transmitted to a debugging API, which allowed a local user or process to easily access everything in there.
The vulnerability has been identified as CVE-2017-8360, and the issue affects 28 HP laptops and tablet PCs, including EliteBook, ProBook and others. The audio chip maker has yet to discuss whether laptops made by other vendors featuring its chip could also be affected.
The keylogger capabilities were supposed to be a lot more restrained. In fact, the functionality was designed to help determine whether the user was pressing any of the special audio keys, so the driver could react accordingly. Researchers believe the extended capabilities may very well be the result of negligence as there is no evidence of malicious intent.
HP has claimed that the bug does not allow it to access customer data. It is, however, worth mentioning that HP has moved swiftly in releasing an update to fix the situation.