HP’s second laptop keylogger in less than a year


Graham Cluley
Graham Cluley
@[email protected]

The HP laptop keylogger

Researcher Michael Myng was trying to work out how to control the backlight on an HP laptop keyboard.

What he found instead was that the keyboard driver used by 475 models of HP laptops contained a secret keylogger, capable (potentially) of stealing passwords and other confidential information.

The news made for some pretty scary headlines, and – as I discussed in a past episode of the “Smashing Security” podcast – it’s not the first time that a hidden keylogger on HP devices has caused eyebrows to be raised.

Sign up to our free newsletter.
Security news, advice, and tips.

But, before you get too alarmed, bear this in mind. The keylogger in the HP Synaptics Touchpad driver (SynTP.sys) keyboard driver was not enabled by default.

It looks like, once again, debugging code was contained in a keyboard driver shipped by HP. To turn on the debug “feature” a user with admin privileges would have to make a change to the Windows registry, whereupon keystrokes would be logged to a local file.

Not a great scenario, but also not as bad as it being enabled by default, or your keypresses being beamed to a server under the control of HP or Synapatics.

HP has issued a security advisory, and pushed out updates to fix the potential security issue.

Of course you should ensure that any affected devices are patched as soon as possible, and if you’re a developer learn the lesson not to leave debug code lurking within your shipping code if it might put users’ privacy and security at risk.

And, if you really feel you do need to be seriously disgruntled about something, feel angry that HP has now made the same mistake twice in less than a year. That’s certainly something worthy of turning your CAPS-LOCK on for.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

3 comments on “HP’s second laptop keylogger in less than a year”

  1. Spryte

    HP has issued a security advisory, and pushed out updates to fix the potential security issue.

    There was a public advisory to the tech media but there was NO mention of it in my HP Support Assistant and neither were there any Pushed updates.

    I eventually did find the fix on the HP site but that was a long and arduous process.

  2. Johan

    Time to swap to another operating system?

  3. drsolly

    my caps lock key is disabled in software.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.