May 18, 2017
Swiss based security firm Modzero detected a bug in the audio drive of HP PC's that acts as a keylogger and records key strokes. More than thirty different models of HP computers have been affected including EliteBook, ZBook and ProBook, according to a blog posted by Modzero.
The key logger is present in a pre installed audio driver called mic tray in HP computers. It is used to determine which key is pressed to see if any audio related function is designated to the key. This in itself is not a problem. But due to a bug present in the coding, the data recorded was stored in a file within the PC. While the data was stored, it was not accessible to outsiders or HP itself.
"There is no evidence that this keylogger has been intentionally implemented. Obviously, it is a negligence of the developers - which makes the software no less harmful," said Modzero in their blog post. "If the developer would just disable all logging, using debug-logs only in the development environment, there wouldn't be problems with the confidentiality of the data of any user".
The issue can be fixed on our own by going to the C:\Users\Public\MicTray.log file and delete all the content in it. Deleting the folder permanently disable the feature although some of the keys used for controlling audio may not work. The issue was detected last month and HP and its hardware partner Conexant Systems which supplied the driver were notified.
“There was some debugging code in the audio driver that was mistakenly left there,” said Mike Nash, Vice President, HP. “It was left there by accident. The intent was to help us debug a problem.”
HP has released a patch to fix the issue and is available for download through its support page. It has also announced that the patch will be available via Thursdays Windows update. The patch will fix the flaw from the PC's audio driver and remove the entire log file that was recording the key strokes. HP has been in talks with Conexant about the issue.
“It’s something Conexant should have identified and removed,” he added. “We want to make sure this doesn’t happen again.”