Keylogging Spyware Found On Dozens Of HP Laptop Models


Owners and users of nearly 30 different Hewlett-Packard laptop models, beware: It turns out an unknown number of computers shipped with a keylogger embedded in them, tracing and recording your every keystroke.

A security research firm based in Switzerland announced its discovery of the keylogger this week.

The problem software is part of the audio driver — the little bit of code that makes your laptop able to play sound through your headphones. In several laptop models, the Conexant driver was found to include a keylogger that captured every single keystroke on your machine.

That includes login names and passwords, every comment you put on the internet, every email you send, every document you write, every keyboard command you issue. And yes, that is a giant security problem.

Those keystrokes weren’t sent anywhere, as far as anyone knows, but they were all stored in an unencrypted text log — meaning anyone who has access to your computer, including malware on your computer, could access and read it.

The security firm also notes that the driver’s API (code that allows software to talk to other software, basically) can allow malware to “silently capture sensitive data by capturing the user’s keystrokes.” In short, this flaw in the audio driver would pretty easily let anyone “listen” in on everything you type, without accessing the log.

That’s the bad news. Here’s the better: HP’s already pushed a fix. Owners of 2016 and 2017 models can already download a patch from Windows Update or HP.com. A patch for 2015 models is supposed to become available sometime today.

An executive from HP told ZDNet that they didn’t know specifically how many models or customers were affected, but that the issue did affect both enterprise (business) and consumer machines.

According to the security bulletin, the full list of models thought to be affected includes:

  • HP EliteBook 820 G3 Notebook PC
  • HP EliteBook 828 G3 Notebook PC
  • HP EliteBook 840 G3 Notebook PC
  • HP EliteBook 848 G3 Notebook PC
  • HP EliteBook 850 G3 Notebook PC
  • HP ProBook 640 G2 Notebook PC
  • HP ProBook 650 G2 Notebook PC
  • HP ProBook 645 G2 Notebook PC
  • HP ProBook 655 G2 Notebook PC
  • HP ProBook 450 G3 Notebook PC
  • HP ProBook 430 G3 Notebook PC
  • HP ProBook 440 G3 Notebook PC
  • HP ProBook 446 G3 Notebook PC
  • HP ProBook 470 G3 Notebook PC
  • HP ProBook 455 G3 Notebook PC
  • HP EliteBook 725 G3 Notebook PC
  • HP EliteBook 745 G3 Notebook PC
  • HP EliteBook 755 G3 Notebook PC
  • HP EliteBook 1030 G1 Notebook PC
  • HP ZBook 15u G3 Mobile Workstation
  • HP Elite x2 1012 G1 Tablet
  • HP Elite x2 1012 G1 with Travel Keyboard
  • HP Elite x2 1012 G1 Advanced Keyboard
  • HP EliteBook Folio 1040 G3 Notebook PC
  • HP ZBook 17 G3 Mobile Workstation
  • HP ZBook 15 G3 Mobile Workstation
  • HP ZBook Studio G3 Mobile Workstation
  • HP EliteBook Folio G1 Notebook PC

The code was apparently a mistake, not meant to be included in the final version of the product that went to users.

HP told ZDNet in a statement that, “HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue.”
