- A dormant keylogger was discovered in nearly 500 HP laptop models.
- Keyloggers can record your keystrokes, posing a security and privacy threat to users.
- Hackers would need physical access to your computer to activate the keylogger.
- HP has issued a list of affected models, as well as software updates to fix the issue.
A security researcher discovered a vulnerability in a common piece of software that comes installed on several laptop brands and models.
This bug is in the Synaptics software that controls keyboard and trackpad inputs on 460 HP laptop models, including versions of the Pavilion, the EliteBook, and the ProBook.
It’s referred to as a “keylogger,” which can record your keystrokes.
A keylogger can be dangerous in the hands of a hacker, as it can record and send your keystrokes to potentially reveal sensitive information like passwords.
Thankfully, the keylogger in the Synaptics software on HP laptops is disabled by default, and a hacker would need a laptop’s administrative rights to enable it, meaning the hacker would need physical access to an affected laptop.
“Neither Synaptics nor HP has access to customer data as a result of this issue,” HP said on its support page.
Still, it’s worth covering all your bases. HP has issued a list of the affected laptop models, as well as software updates users can install to fix the bug. If you don’t know your HP laptop’s model, you can check for a sticker underneath the computer that might contain the model number.
It was not immediately clear whether the bug was due to a flaw in the Synaptics software or to the way it was integrated into HP laptops.
HP’s support page about the situation says the bug can affect “all Synaptics OEM partners,” which suggests that any laptop brand that uses Synaptics for keyboard and trackpad control may be affected.
A statement from HP on the matter says: “HP was advised of an issue that exists with Synaptics’ touchpad drivers that impacts all Synaptics OEM partners. HP uses Synaptics’ touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available in the security bulletin on HP.com. HP has no access to customer data as a result of this issue.”
Synaptics shares were down 1.8%, at $US38.22, in regular trading on Monday, while HP shares were up nearly 1%.
Synaptics did not immediately return requests for comment.