An audio driver installed in several HP laptops contains a keylogger-type feature that records every keystroke entered into the computer into a log file, according to a security researcher.
If an HP factory image is not installed on the computer, or you choose not to install HP Help and Support, manually update the Conexant audio drivers. Downloading and saving driver softpaqs to your computer. Mar 15, 2018 I uninstalled the driver again and then reinstalled the initial conexant ISST driver which was present before the update and it is the latest driver version from the HP drivers website for my laptop. I only use the internal speaker of my HP laptop for audio playback.
Swiss security firm Modzero said in a security advisory posted Thursday that the keylogger activity was discovered in the Conexant HD audio driver package (version 1.0.0.46 and earlier), found on dozens of HP business and enterprise laptop models, including HP Elitebook, ProBook, and ZBook models -- including the latest Folio G1 laptop.
Security
Anyone (or malware) with local access to the user's files on an affected computer, could obtain passwords, visited web addresses, private messages, and other sensitive information.
HP has since rolled out patches to remove the keylogger, which will also delete the log file containing the keystrokes.
A spokesperson for HP said in a brief statement: 'HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue.'
HP vice-president Mike Nash said on a call after-hours on Thursday that a fix is available on Windows Update and HP.com for newer 2016 and later affected models, with 2015 models receiving patches Friday. He added that the keylogger-type feature was mistakenly added to the driver's production code and was never meant to be rolled out to end-user devices.
Nash didn't how many models or customers were affected, but did confirm that some consumer laptops were affected.
Install Audio Driver Hp Laptop
He also confirmed that a handful of consumer models that come with Conexant drivers are affected.
The pre-installed audio driver installs a driver located in the Windows system folder, which is scheduled to start every time the user logs in. Modzero describes the application as a crude way to check to see if a hotkey was pressed by monitoring 'all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkey.'
The application then logs each keystroke into an unencrypted log file stored in the user's home directory. The log file is overwritten every time the user logs in.
In the case that a log file doesn't exist, Modzero says that the driver's API can allow malware to 'silently capture sensitive data by capturing the user's keystrokes.'
Here's what it looks like (the keystrokes are stored in hexadecimal code):
We weren't immediately able to confirm the findings, but a security researcher (who wanted to remain nameless) confirmed the findings of the advisory in a message to ZDNet.
Conexant did not respond to a request for comment at the time of writing.
Conexant Audio Driver Windows 10 Download
Updated at 8:30pm: with commentary from HP.