HP issues fix for keylogger found pre-installed on several laptop models

13 May 2017, 01:47 | Myrtle Hill

HP issues fix for keylogger found pre-installed on several laptop models

HP issues fix for keylogger found pre-installed on several laptop models

A number of HP laptops come with a nasty accidental hidden "feature", in the form of a keylogger which records the user's typed input - although the issue has now been patched by the company.

So, what is the cause of the problem?

Modzero believes that there "is no evidence that this keylogger has been intentionally implemented", adding that "it is [obviously] a negligence of the developers".

"Users are not aware that every keystroke made while entering sensitive information - such as passphrases (or) passwords on local or remote systems - are captured by (the software)", the security advisory continued.

The driver, which was developed by audio chip manufacturer Conexant, is preloaded on over two dozen models of HP laptops, including the HP Elitebook, HP ProBook, and HP ZBook.

The keylogger is used by audio drivers to determine when the up and down volume control buttons have been pressed.

HC judge Karnan gives cops the slip
CJI Khehar asked Nedumpara where is Justice Karnan, to which the bench was informed that he was "very much in Chennai ". Karnan, to ratchet up the fight, passed an order directing the examinations of all these seven judges instead.

Mental Health Month targets 'Risky Business'
Now the Foundation is calling for a Royal Commission to seek ways of preventing mental ill health, focusing on reducing the risk. SA Mental Health Commissioner Chris Burns heard from Port Lincoln and Eyre Peninsula residents at Ravendale on Monday night.

Wizards' Oubre Suspended After Charging Kelly Olynyk
If, however, the Celtics do take down one of the best home team's in the league, things will look a lot more dim for the Wizards. Thomas acknowledged that the Wizards' 26-0 third-quarter run was the reason for the result, not the officiating.

"Investigators with access to the unencrypted file-system might be able to recover sensitive data of historic key logs as well", Modzero said.

The log file-located at C:\Users\Public\MicTray.log-is overwritten after each computer reboot, but there are several ways that the contents could survive for weeks, or even indefinitely. A list of affected products can be found here. Doing so, however, may disable special key function but that's a fair trade-off IMO. If you find this log file existing in your C drive, then please have it deleted immediately, says the firm.

Regardless, Modzero is advising that everyone who owns a HP computer should be on guard, and check whether C:\Windows\System32\MicTray64.exe or C:\Windows\System32\MicTray.exe is installed.

HP shares closed at $19.26 on Thursday. In other cases, the keystrokes will be passed to a Microsoft Windows debugging interface on the PC, and expose them to possible capture, Modzero said.

Specifically, the keylogger itself is embedded in a device driver called MicTray64.exe and uses a debugging feature to capture all information a user types, including passwords and user logins.

What makes this worse is that business laptops are mainly affected, and these devices are built around security - because obviously an organisation's corporate data is a very precious resource.



Other News

Trending Now

GSEB HSC Class 12 science stream 2017 results 2017 declared
The Board Conducts two exams Main SSC (Secondary School Certificate ) and HSC (Higher Secondary School Certificate). Keeping in mind the previous trends, the Gujarat Board may release the result an hour before the scheduled time.

Economy Watch: Retail Sales Up in April
Shares in JC Penney sank 10% after it became the latest department store chain to report disappointing results. Sales at merchants of electronics and appliances rose 1.3 per cent in April after a 2.2 per cent jump.

Tags: Sensex scales another peak of 30346.69
The BSE benchmark Sensex, which rose to 30,346.79, is now at 30,315.50, up 67.33 points or 0.22% from previous close. The 50-share NSE Nifty gained 43.35 points, or 0.46 per cent, to quote at a life-time high of 9,450.65.

OSU Sports Score High With APR
Idaho was given a bowl ban for the 2014 season, but it was lifted in March 2015 because the team had shown academic progress. Of 351 Division 1 basketball programs , Michigan State is one of only 20 to earn a flawless multi-year April score of 1000.

Trump signs religious freedom executive order
"We're going to start protecting religious liberty instead of assaulting it". He said in February he would "totally destroy" the amendment.

Frat member told 911: 'We have a friend who's unconscious'
In a group text message sent just before midnight, one brother wrote, "Tim Piazza might actually be a problem". His chest was bare, he was breathing heavy and he had blood on his face, according to the presentment.

North Korea says detains another American citizen, KCNA reports
North Korea announced Sunday that it has detained yet another USA citizen - the fourth now in the Hermit Kingdom's custody. North Korea continues to test missiles and the U.S. sent warships to the Korean Peninsula as a show of force last month.

Blackburn's decline from Premier League champions to League One
The striker scored a penalty two minutes before half-time before Chris Cohen fired in a second from distance after the break. Victories for Nottingham Forest and Birmingham condemned Rovers to relegation.

Nigeria presidency releases names of freed Chibok girls
Its insurgency has killed more than 20,000 people and driven 2.6 million from their homes, with millions facing starvation. Nigerian President Muhammadu Buhar has expressed joy at meeting the 82 girls, as he shared photos of them on social media.

Syria And Israel's Rocky Relationship Might've Just Gotten Worse
The missile was intercepted by Israel's missile defense system and prompted a serious warning from the Israeli government. The state's intelligence minister, Israel Katz, confirmed that such a raid would comply with government policy.