It is reported that more than 460 HP laptop models have been used to take advantage of the fact that the keylogger hacker has been exposed to discovery in Syntp.sys files, which is part of the Synaptics Touchpad driver that comes with some HP notebook models. A researcher found a default closed keyboard recorder in the keyboard drive of hundreds of HP laptop computers; HP has released firmware updates to address potential security vulnerabilities.
Earlier this year, the audio driver on several HP laptops was how to include a built-in keylogger code, record all keystrokes of the user, and username and password, personal information, a human readable file. A security researcher named “Zwclose” claims to have found similar built-in keylogger problems in several HP laptops, in the keyboard driver-Synaptics A keylogger is found in the Touchpad driver or Syntp.sys file with nearly 500 HP laptop models that allow hackers to record each keystroke and steal sensitive data including passwords, account information, and credit card information. Even if the keyboard record component is disabled by default, you can enable it by using the open Source tool that can be used to evade user Account Control (UAC) by setting registry values. Logging is disabled by default, but can be enabled by setting registry values. In other words, an attacker can bypass user Account Control (UAC) and use malicious code to turn on keyboard records by changing registry values.
Bad-The occasional mistake is something that happens to all of us at some point, but when it comes to the keyboard recorder “accidentally” pre-installed on the computer, I don’t want to hear oops. Still, the 475 models of HP laptops, mobile thin clients and mobile workstations have a keyboard recorder inside the keyboard drive. In May, HP had to fix the keystroke after researchers found that keyboard recorders monitored the keystrokes in the audio driver package installed on nearly 30 HP computers.
In the security bulletin, HP noted that “only” lists the affected versions. There are “only” 475 products listed; These include 172 commercial laptops, mobile thin clients, mobile workstations and 303 consumer laptops, some of which have been listed.
Note that if the keylogger is enabled, the keystroke is logged locally, and the keyboard recorder saves the scan code to the WPP trajectory.
To solve this problem, HP then introduced a patch to remove the keylogger, which also deletes the log file containing keystrokes. The company released a driver update to remove all the affected HP Laptop Model debug code. Click here to view a complete list of the affected HP laptops and their patches.
HP’s flaw concludes that:
Some versions of the Synaptics Touchpad drivers have identified potential security vulnerabilities that affect all Synaptics OEM partners. A party will need administrative privileges to exploit this vulnerability. Because of this problem, neither Synaptics nor HP has access to customer data. Some versions of the Synaptics Touchpad drivers have identified potential security vulnerabilities that affect all Synaptics OEM partners. A party will need administrative privileges to exploit this vulnerability. Because of this problem, neither Synaptics nor HP has access to customer data. They confirmed the presence of the keyboard recorder, which is actually a debug trace, and released an update to delete the trace. Get a list of affected models and fixed drivers on the HP Web site. Updates can also be updated through Windows.
HP recommends taking action on security bulletins as soon as possible. The company listed all the affected HP products and released software updates for the Synaptics Touchpad driver. Zwclose also publishes technical analysis of Syntp.sys files and Keylogger code for security researchers and software developers.