If you’ve recently purchased a HP laptop you may want to rethink your security. A recent update to the audio driver installed on many HP laptops has been identified to include functionality similar to a keylogger. The program, which is designed to check for system hotkeys, is recording every keypress that users make.
The HP audio driver was originally given the functionality to detect special key presses in an effort to give users more control over their audio settings. This was a simple feature intended to make it easier to adjust things like volume controls with a single key press. A more recent update took this a step further which has introduced the problem. Instead of simply checking for a special hotkey, the driver now logs and saves every keypress to a file stored locally on the users system. The reason this is such a big concern is that along with your random keypresses, the audio driver is also logging your usernames, passwords and any other delicate information that shouldn’t be shared publically.
For once, this isn’t an instance of malicious intent; instead, it’s pure incompetence. On its own the system log file isn’t a threat, however, the file is stored in a user’s public directory. That means that anyone and any program could access the data. When it comes to malware, it wouldn’t even need to be a complex program, a simple website script could check to see if a user has the file and if it exists, upload it to the server. Since it’s not a protected file or contained in a system sensitive location, this interaction would not be intercepted by any antimalware programs.
Security researchers at have linked the keylogger functionality to the Conexant HD Audio Driver Package version 126.96.36.199 and earlier. This driver comes preinstalled on all new HP laptops and is set to run every time a user logs into their computer. If you have a laptop with this audio package, you can mitigate the issue if you disable the program MicTray64.exe from running at system startup.
HP has yet to acknowledge the security flaw but given the severity, it is likely that a patch will be forthcoming. Until then, be careful what information you enter into any HP laptops.