Security researcher Michael Myng has found a keylogger in HP laptops, allowing hackers to spy on everything a user is typing.
Michael Myng was inspecting a piece of software used on HP laptops when he discovered keylogging code in some of the software drives pre-installed onto the devices. Keyloggers are widely used by hackers to spy on what a user is typing, allowing them to gain private and personal data such as credentials and billing information.
HP have said that more than 460 models of laptops were affected by the security vulnerability, including some of their most popular products like the EliteBook, ProBook and Pavilion models dating back to 2012.
Michael Myng has confirmed that the keylogger was disabled by default, however it can still potentially be enabled if a hacker were to gain access to the device. HP have said that the keylogger was installed to ?debug errors? in the Synaptics Touchpad software. They clarified that both HP and Synaptics did not have access to customer data, however they did acknowledge that it could potentially lead to a loss of confidential data, if a hacker was to gain access.
This is not the first time a keylogger has been discovered in HP laptops. In May a keylogger was discovered in audio drivers that were pre-installed onto the devices, something HP said had been mistakenly added.
HP have issued a software patch for their customers to remove the vulnerability with a list of all HP model laptops that are affected by the exploit, the patch can be found on HP?s security bulletin page. Cyber Wise recommends that all users with HP models go to HP?s security bulletin page to find out if their device is affected and install the patch.