475 HP notebook models are reported with Keylogger found in keyboard driver

  • ACEPC CK2, Best Barebone Mini Gaming PC 2018
  • ACEPC AK1 vs ACEPC AK2 vs ACEPC CK2 vs HP Z2 Mini G3, which is the best for you?
  • ACEPC GK2 may be the first Gemini Lake Mini PC you can buy

  • We all make mistakes at some point, but I don’t want to hear oops when it comes to keyloggers that are “accidentally” preinstalled on computers. Nevertheless, 475 models of Hewlett-Packard notebooks, mobile thin clients and mobile workstations had a keylogger wrapped inside a keyboard driver.

    It’s bad enough that a keylogger is found to be lurking on HP computers at all, but to happen twice in one year is ludicrously pathetic. Back in May, HP issued a fix after researchers discovered a keylogger monitoring keystrokes in an audio driver package installed on nearly 30 models of HP computers.

    In this newest go around, security researcher ZwClose discovered a keylogger in in the keyboard driver — the Synaptics Touchpad driver, or SynTP.sys file, which shipped with nearly 500 HP laptop models.

    In the security bulletin, HP noted that “only” the impacted versions were listed. There are “only” 475 products listed; the list included 172 commercial notebooks, mobile thin clients, mobile workstations, as well as 303 consumer notebooks with several models listed under some of those notebook products.

    As ZwClose, aka Michael Myng, according to HP’s security bulletin, noted in a write-up about the vulnerability, “The logging was disabled by default but could be enabled by setting a registry value.” In other words, an attacker could bypass User Account Control (UAC) and use malicious code to turn on the keylogger by changing the registry value.

    HP described the potential security impact of the Synaptics Touchpad driver vulnerability as the “potential, local loss of confidentially.”

    HP’s vulnerability summary stated:

    A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.

    Myng found the keylogger while he was trying to figure out how to control the backlighting of HP’s laptop keyboard. He reported his findings to HP in November.

    They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace. Get the list of affected models and fixed driver at HP website. The update also available via Windows update.

    HP suggested acting on the security bulletin “as soon as possible.” The company listed all impacted HP products and released software updates for Synaptics touchpad drivers.

    The fix for some of the impacted products, such as specific notebook models of HP Envy m6-nXXX, HP Envy 15-qXXX, HP Envy TouchSmart 15-qXXX, HP Stream x360 11 Convertible and HP x360 11 Convertible notebook, are yet “to be announced.” HP said it would “update the table as Softpaqs become available.”

  • Acer Mini PC
  • Apple Mini PC
  • ASRock Mini Pc
  • Asus Mini PC
  • AWOW Mini PC
  • AZULLE Mini PC
  • Beelink Mini PC
  • Best Mini PC
  • Bluetooth Headphones
  • Core i7 4790K Mini PC
  • CyberpowerPC Mini PC
  • Dell Mini PC
  • Digital Photo Frame
  • HP Mini PC
  • HYSTOU Mini PC
  • info
  • Intel
  • Intel Atom x5-Z8300 Mini PC
  • Intel Atom x5-Z8350 Mini PC
  • Intel Atom Z3735F Mini PC
  • Intel Celeron G1840 Mini PC
  • Intel Celeron J1900 Mini PC
  • Intel Celeron J3455 Mini PC
  • Intel Celeron N3050 Mini PC
  • Intel Celeron N3150 Mini PC
  • Intel Celeron N3450 Mini PC
  • Intel Core i3 4025U Mini PC
  • Intel Core i3 5005U Mini PC
  • Intel Core i3 6100U Mini PC
  • Intel Core i5 2500 Mini PC
  • Intel Core i5 3317U Mini PC
  • Intel Core i5 5200U Mini PC
  • Intel Core i5 6200U Mini PC
  • Intel Core i5 7200U Mini PC
  • Intel Core i5-4200U Mini PC
  • Intel Core i7 6700K Mini PC
  • Intel Core i7-4500U Mini PC
  • Intel Core i7-7500U Mini PC
  • Intel Mini PC
  • Intel Pentium J3710 Mini PC
  • Intel Pentium J4205 Mini PC
  • Intel Pentium N3540 Mini PC
  • Intel Pentium N3700 Mini PC
  • Intel Pentium N4200 Mini PC
  • Intel Xeon W3520 Mini PC
  • Jetway Mini PC
  • KINGDEL Mini PC
  • LENOVO IDEACENTRE Mini PC
  • Lenovo Mini PC
  • Lenovo ThinkCentre Mini PC
  • LIVA Mini PC
  • MeeGOpad Mini PC
  • Mini Computer
  • MINIX Mini PC
  • MSI Mini PC
  • News
  • NEXBOX Mini PC
  • Oemgenuine Mini PC
  • Partaker Mini PC
  • Plater Mini PC
  • Qotom Mini PC
  • Samsung Mini PC
  • Shuttle Mini PC
  • Windows 10 Mini PC
  • XCY Mini PC
  • XOTIC Mini PC
  • ZBOX Mini PC
  • ACEPC Product List

    Mini PC:
    ACEPC AK1 (J3455,4+32GB, 2.5″ SATA, USB 3.0×2, Type C x1) (Best Seller)
    ACEPC T9 (Z8350,4+32GB, metal housing)
    ACEPC T11 (Z8350,4+32GB, VGA, 2.5″ SATA)

    Mini PC Stick:
    ACEPC W5 (Z3735F, 2+32GB)
    ACEPC T5 (Z8350, 2+32GB)
    ACEPC W8 (Z3735F, 2+32GB)
    ACEPC W8 Pro (Z8350, 4+32GB)

    Others:
    ACEPC Bluetooth Headphones
    ACEPC P1, WiFi Digital Photo Frame