Security Experts:

Connect with us

Hi, what are you looking for?



Synaptics to Remove “Keylogger” Functionality From Drivers

Synaptics says recent reports inaccurately characterized a debugging tool found in its touchpad drivers as a keylogger, but the company has decided to remove the functionality from its products.

Synaptics says recent reports inaccurately characterized a debugging tool found in its touchpad drivers as a keylogger, but the company has decided to remove the functionality from its products.

Earlier this month, a researcher reported finding what appeared to be keylogger functionality in a Synaptics touchpad driver shipped with hundreds of HP laptops. The functionality is disabled by default, but a user with administrator privileges can enable it and abuse it to log keystrokes.

The vulnerability, tracked as CVE-2017-17556, was reported to HP and patched by the company in November.

HP classified the vulnerability as medium severity (CVSS score of 6.1), and Synaptics has assigned it a low severity rating (CVSS score of 2.0). Some people agree that the flaw is not serious, arguing that an attacker with administrator privileges can install a proper keylogger and other types of malware.

Synaptics said the functionality was added to some of its drivers for diagnosing, tuning and debugging touchpads, but it was disabled before being shipped to customers. The same drivers are provided to other PC manufacturers, not just HP, but no other company has been named to date.

“Synaptics believes now, for best industry practices, that it should remove this debug tool for production versions of the driver,” the firm said. “Synaptics is unaware of any breach of security related to this debug tool.”

The company says it’s working with partners to identify affected products and release new drivers. It also recommends restricting administrator access to systems in order to prevent unauthorized activities.

“Synaptics takes great pride in making sure that its TouchPad drivers and other products meet industry-best security standards. In our new normal of heightened concern for security and privacy, Synaptics would like to apologize for any concerns that our debug tool may have raised. We have a path to immediately address this issue and other security concerns should they arise,” Synaptics stated.

Related: HP Laptop Audio Driver Acts as Keylogger

Related: NVIDIA Patches Several Flaws in GPU Display Drivers

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.