HP laptops vulnerable to keylogging attacks — here’s what you need to do now

More than 460 HP laptop models feature a dormant piece of software capable, when active, of logging users’ every keystroke.

Security researcher Michael Myng discovered the hidden tool sitting within the Synaptics Touchpad device driver, while investigating how to control the keyboard backlight.

After consulting with HP he learned the keylogger is present within a huge range of Envy, Elitebook, Pavillion and ProBook laptops, dating all the way back to 2012.

Should the keylogger be activated by an attacker with physical access to the machine, it would enable them to record a full list of keystrokes being typed by the laptop owner.

Related: Best laptops 2017

“Some time ago someone asked me if I can figure out how to control HP’s laptop keyboard backlight.

“I asked for the keyboard driver SynTP.sys, opened it in IDA, and after some browsing noticed a few interesting strings,” Myng explains (via TechCrunch).

He said he alerted HP, which confirmed the existence of the keylogger, claiming it was for debugging purposes.

As a result, HP has published a full list of the laptop models affected by the issue and has outed a fix to rid it from those machines.

Myng wrote: “They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”

You can check here to see if your laptop is among them, and download the patch here. It’ll also be available through Windows Update, Myng says.

Is your laptop among those vulnerable to the attacks? Drop us a line @TrustedReviews on Twitter.