HP issued a patch for its Synaptics touchpad driver last month to fix a potential keylogger issue, but the issue may be more widespread than initially expected. The keylogger that security researchers identified within the driver may affect hundreds of HP laptops and mobile workstations, including its recent Spectre Pro x360 models.
The fix for this problem was released at the start of November in a dry-sounding fashion; the driver update was called the “Synaptics Touchpad Driver Potential, Local Loss of Confidentiality.” Although HP did designate it as something that should be acted on as soon as possible, ZwClose breaks down exactly why this issue is potentially more dangerous than HP makes it sound.
The keylogger in question was discovered hidden within HP’s keyboard driver and appeared to save scan codes. Although the logging was disabled by default, it could easily be enabled by a user with administrative access. HP’s claim is that it was a debug trace that wasn’t removed, and the patch has now removed it.
In the patch notes, HP also goes out of its way to highlight that neither HP itself nor the touchpad developer, Synaptics, had any access to customer information:
“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners,” the update page reads. “A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”
Such a problem could still be easily exploitable by malware or a nefarious individual with local access to the HP machine. The fact that this news arises at a time when HP stands accused of installing spyware and tracking software onto customers’ machines (as per ZeroHedge) is hardly ideal. It’s not clear where the tracker came from, be it Windows Update or HP itself, but some users have complained of it having a negative effect on system performance as well.
Although incidents like this don’t engender much trust in a company, it is important that you acquire the patched driver either directly from HP’s website or through Windows Update. Considering hundreds of different HP laptops are said to be affected by this bug, it’s all the more likely someone would try to exploit it, so update your system as soon as possible.
This isn’t the first time HP has had trouble with keyloggers on its platform, though the most recent one was auditory.