Hidden keyloggers have been discovered pre-installed on Hewlett-Packard (HP) laptops, creating a potentially dangerous security risk.
According to a report by the BBC, “Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work.”
Using keyloggers, malicious individuals and groups can see what their victims type. Keyloggers are typically used to steal passwords and other sensitive information.
More than 46o HP laptop models were affected by the security vulnerability, prompting HP to issue a software patch.
“The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others,” the BBC reported, adding that the list of affected devices goes back to 2012.
In a statement, HP claimed that they use “Synaptics’ touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com.”
“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners,” they explained in a security bulletin. “A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”