HP IS SHIPPING AUDIO DRIVERS WITH A BUILT-IN KEYLOGGER

[5/11/17]  That fancy new HP EliteBook laptop you just bought? It may be silently recording every keystroke, according to Swiss infosec firm ModZero.

For what it’s worth, it doesn’t look like there’s malice here – just staggering incompetence.

According to ModZero’s blog post, an update to HP’s audio drivers released in 2015 introduced new diagnostic features. One of these is used to detect if a special key had been pressed or released. Except it seems this was poorly implemented, as the driver ultimately acted like a keylogger, capturing and procesing every single keypress.

A later update to the driver was even more troubling, as it introduced behavior that wrote every single keypress to a log file stored locally on the user’s system. This is found at C:\Users\Public\MicTray.log.

Fortunately, this logfile is wiped every time you logout of your system, but as ModZero points out, if you’ve got any kind of incremental backup system in place, you could effectively be creating a permanent record of everything you type, every day.