A researcher has discovered that a touchpad driver present on hundreds of HP laptops includes functionality that can be abused for logging keystrokes. The vendor has released patches for a vast majority of affected devices.
Michael Myng was looking for ways to control the keyboard backlight functionality on HP laptops when he noticed that the driver from Synaptics (SynTP.sys) included keylogging functionality.
The problematic code is apparently part of a debugger implemented through the Windows software trace preprocessor (WPP). The feature is disabled by default, but a user with administrator privileges can enabled it by changing a value in the Windows registry, allowing them to log keystrokes to a local file.
Myng informed HP of his findings and the company released updates that remove the problematic debugging functionality for nearly all impacted products. However, devices from other vendors that use this Synaptics driver could be affected as well.
“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners,” HP said in its advisory. “A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”
The vulnerability, classified by the vendor as “medium severity,” impacts more than 460 laptop models, including many EliteBook, mt, ProBook, Spectre Pro, Stream, ZBook, Envy, Pavilion, Split and Omen devices.
Some people have pointed out that an attacker who has the privileges required to activate the keylogger functionality could do anything on the system, including install a proper keylogger, and would not need to exploit this vulnerability. Others, however, believe it could still be useful for malicious actors since the keylogging mechanism is already in place.
This is not the first time keylogging functionality has been found in software shipped with HP laptops. Back in May, researchers discovered that a Conexant audio driver installed on some HP laptops had been logging keystrokes to a file.
Related: HP Laptop Audio Driver Acts as Keylogger
Related: NVIDIA Patches Several Flaws in GPU Display Drivers
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Zyxel Firewalls Hacked by Mirai Botnet
Latest News
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Amazon Settles Ring Customer Spying Complaint
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Adobe Inviting Researchers to Private Bug Bounty Program
- Critical Vulnerabilities Found in Faronics Education Software
