HP is reported to have issued patches for 450+ commercial workstations, consumer laptops and other HP products after a keylogger was found to have been hidden in a driver.
What Is A Keylogger?
As the name suggests a keylogger / keystroke-logger usually refers to covert spying / monitoring software that tracks every key that you strike on your keyboard. This software is usually employed with malicious intent e.g. to collect account information, credit card numbers, user-names, passwords, and other private data.
Supposed To Be Debugger
In the case of the recent HP keylogger discovery, however, the offending versions of Synaptics touchpad drivers were actually intended to be to be used for debugging and aren’t believed to have been used with any malicious intent. The “debug trace" is actually a legitimate tool used by software companies to trace a problem / bug.
The security threat is, in this case, a potential threat which could be exploited by a hacker, who could potentially track every letter a laptop user typed.
HP has stressed that there has been no recorded access to customer data as a result of the issue.
The discovery of the potentially serious threat was made by a computer programmer known as ‘Myng’ back in November, who discovered the issue when trying to control the backlighting of an HP keyboard. The programmer noticed a format string for a keylogger when looking through the keyboard driver. At this point, he contacted HP about his discovery.
Not The First Time
Strangely, this is not the first time such a discovery has been made about drivers installed in HP products. Back in May, a keylogger was discovered in Synaptics subsidiary Conexant's audio drivers, which are installed in HP Laptops.
HP actually issued a fix for this latest “potential, local loss of confidentiality” issue back on 7th November (updated 12th December).
What Does This Mean For Your Business?
If your business uses HP Commercial Notebooks, Mobile Thin Clients, Mobile Workstations, or if you use an HP Consumer Notebook, the company has provided software updates for Synaptics touchpad drivers listed by model (a long list) on the support section of its website here: https://support.hp.com/us-en/document/c05827409 .
This story illustrates how software development needs to take into account all known potentially malicious angles. It also helps to illustrate how we may all be facing risks from as yet undiscovered bugs and vulnerabilities in commercial software that we are already using.
The importance of keeping up to date with patches and software updates cannot be understated. It is worth remembering that 9 out of 10 businesses are hacked through un-patched vulnerabilities, that hackers can attack nine out of 10 businesses with exploits that are more than three years old, and that 60% of companies experience successful attacks targeting devices for which a patch has actually been available for 10 or more years.