Keyloggers are programs that are used to log every single keystroke on a computer. Yes, these programs can be used in a variety of legitimate ways, but they’re commonly used by hackers to steal information from their victims. While I’m pretty sure HP has no such intention, a Swiss infosec firm called ModZero has discovered that some HP audio drivers contain keyloggers.
ModZero’s post about the matter reveals that HP released an update for its audio drivers back in 2015 which brought diagnostic features. One of these features was meant to ascertain whether a special key was pressed or released.
It doesn’t appear to be a blatant attempt on HP’s part to record keystrokes of users, this seems to be an implementation issue. This update essentially made the driver function as a keylogger as it recorded every single keypress.
Things didn’t get better in the next update which enabled the driver to write every single keypress to a log file that was stored locally on the user’s computer. The file can be found at C:\Users\Public\MicTray.log.
The only good news out of all of this is that the file is automatically wiped every time the user logs out of their system. However, if someone has an incremental backup system running, they have basically been creating a permanent record of all their keystrokes.
ModZero has published a list of PCs that are known to be affected by this issue. HP is yet to comment on the matter.
Filed in HP.. Read more about