HP patch released to stop keyboard-tracking computer bug

HP has released a patch to remove keylogging software that was accidentally installed on nearly 500 computer models within the last five years.

The company released a security update and has warned owners of HP computers to install it as soon as possible.

Models affected include G2 Notebooks, EliteBooks, EliteBook Folios, ProBooks, and more.

The issue was discovered by research Michael Myng, who discovered a deactivated keylogger in software on over 460 models of HP laptop.

Myng said that once he raised the issue, HP acted “terrificly [sic] fast” and said that the keylogger was erroneously present as a “debug trace”.

While the keylogger feature is deactivated in the default setting, an attacker with physical access to the computer could easily turn it on.

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners,” HP’s summary of the issue states.

“A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

For a full list of the affected HP computer and for information on the software updates, click here.