In Depth

HP releases security fix after 'keylogging' discovery

Study finds a 'covert storage channel' for user keyboard inputs was packaged with laptop audio software

Hewlett-Packard (HP) has issued a security update after it was discovered user keyboard inputs were being recorded on some of its computers.

Security firm Modzero found a "covert storage channel for sensitive data" had been packaged in with audio driver software developed by Conexant on several HP laptops and was recording the user's keystrokes.

"This type of debugging turns the audio driver effectively into a keylogging spyware," it said. Information in the software's meta-data indicated it "already existed on HP computers since at least Christmas 2015".

While files containing logged keyboard inputs are "overwritten after each computer reboot", says ArsTecnica, they could be restored using certain "forensic tools".

Information held would include "a comprehensive history of everything that was typed on the keyboard", including "passwords, e-mails, and contacts".

HP issued a security update "for some of the affected models" yesterday, says the Daily Telegraph. The remaining laptops are expected to be patched today.

A total of 28 computer variants were found to contain the "bug", continues the paper, including the high-end EliteBook and ProBook models.

HP told Cnet:"Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version."

It added that despite the software's ability to record user data, the company did not have access to customer information. 

Recommended

The Chips Act: congress’s $52bn giveaway 
US President Joe Biden holds a semiconductor chip 
Getting to grips with . . .

The Chips Act: congress’s $52bn giveaway 

How TikTok is shaking up the news
TikTok on a screen
In Focus

How TikTok is shaking up the news

How Instagram’s makeover has alienated users
A woman looks at her smartphone
Why we’re talking about . . .

How Instagram’s makeover has alienated users

Massage apps, copyright and a tropical disease
Person gets a massage
Podcasts

Massage apps, copyright and a tropical disease

Popular articles

Why The Satanic Verses is still controversial
Salman Rushdie, author of The Satanic Verses
Getting to grips with . . .

Why The Satanic Verses is still controversial

Is World War Three on the cards?
Ukrainian soldiers patrol on the frontline in Zolote, Ukraine
In Depth

Is World War Three on the cards?

Ten Things You Need to Know Today: 15 August 2022
10 Downing Street
Daily Briefing

Ten Things You Need to Know Today: 15 August 2022

The Week Footer Banner