Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Guru3D Rig of the Month - February 2021
ASUS GeForce RTX 3060 STRIX Gaming OC review
EVGA GeForce RTX 3060 XC Gaming review
MSI GeForce RTX 3060 Gaming X TRIO review
PALIT GeForce RTX 3060 DUAL OC review
ZOTAC GeForce RTX 3060 AMP WHITE review
Fractal Design Meshify 2 Compact chassis review
Sabrent Rocket 4 PLUS 2TB NVMe SSD review
MSI Radeon RX 6900 XT GAMING X TRIO review
Guru3D Q1 Winter 20/21 PC Buyer Guide

New Downloads
Display Driver Uninstaller Download version 18.0.3.7
Guru3D RTSS Rivatuner Statistics Server Download 7.3.0 Final
Media Player Classic - Home Cinema v1.9.10 Download
GeForce 461.72 WHQL driver download
AIDA64 Download Version 6.32.5640 beta
CrystalDiskInfo 8.11.2 Download
AMD Radeon Adrenalin Edition 21.2.3 driver download
GPU-Z Download v2.37.0
Intel HD graphics Driver Download Version: DCH27.20.100.9313
HWiNFO Download v6.43 - 4380 Beta


New Forum Topics
Intel would be bundling Hitman 3 with its processors Just did raid 0 m2 ssds GeForce 461.72 WHQL drivers: download & discussion AMD Memory Tweak - Read/Modify Timings on the fly! RTSS 6.7.0 beta 1 Guru3D Rig of the Month - February 2021 NASA Perseverance rover 200 MHZ CPU costs $200K MOSFET prices to increase on worsening component shortages Who needs a 3080 if you can get GeForce Now.. NVIDIA Re-Confirms Resizable BAR Support on RTX 30 Series




Guru3D.com » News » HP Patched a keyboard driver that could be used as a keylogger

HP Patched a keyboard driver that could be used as a keylogger

by Hilbert Hagedoorn on: 12/11/2017 06:25 PM | source: | 8 comment(s)
HP Patched a keyboard driver that could be used as a keylogger

A keylogger was discovered by the keyboard driver of HP, and can potentially be abused by malware. The keylogger was found inside the driver of the Synaptics Touchpad, potentially affecting millions of users.

HP reports that for the vulnerability an attacker needs administrator rights to use it. Nearly 500 models laptops and desktop models are affected. HP responded quickly after reporting his findings to the company and said it was code that was left over during debugging. 

The keylogger was disabled by default, a simple change in the Windows Registry could enable it. HP has released an update to remove the code from the driver. The update can be downloaded from HP’s website and through Windows Update. The HP website also has a list of affected laptop models. The list contains about 500 different models.

It’s the second time this year a keylogger was found on HP’s laptops, previously a keylogger was found in audio drivers used on HP devices.







« Intel Adds New Gemini Lake Pentium Silver and Celeron Processors · HP Patched a keyboard driver that could be used as a keylogger · Toshiba Unveils Embedded NAND Flash Memory Products for Automotive Applications »

2 pages 1 2


RealNC
Senior Member



Posts: 3176
Joined: 2011-11-24

#5500130 Posted on: 12/11/2017 06:40 PM
Someone should tell them how to use #ifdef.

JJayzX
Senior Member



Posts: 485
Joined: 2006-05-17

#5500156 Posted on: 12/11/2017 07:16 PM
The driver isn't even a new driver, it's from August.

Size_Mick
Senior Member



Posts: 592
Joined: 2002-03-22

#5500187 Posted on: 12/11/2017 08:19 PM
From what I've read elsewhere, this is a problem that may extend to *any* brand of laptop with Synaptics drivers. Which is a heck of a lot of laptops.

386SX
Senior Member



Posts: 1074
Joined: 2017-06-26

#5500362 Posted on: 12/12/2017 08:42 AM
It indeed seems it affects all notebooks with synaptics touchpad:
https://www.theregister.co.uk/2017/12/11/hp-synaptics-keylogger/

They say it is stored in "SynTP.sys", a file originating from (you may guess) Synaptics itself.

My best practice is to deny any program the access to the internet where I am sure there is no need to, for example those touchpad drivers (why would anyone need them to connect to somewhere, they are DRIVERS!!!111oneoneeleven1!1!
That is the only reason I still use a desktop firewall (in addition to my hardware based one), otherwise I would have no reason at all.

But to see a big OEM to include keyloggers in their own modified drivers is a thing I get mad of. I mean, we talk about HP right? HP is no "small backyard garage reparing computers", it is one of the biggest OEMs and therefore should take every precaution when testing their released drivers. They are "certified by HP" and you install them on your 1500 Euro notebook and your 2000 Euro workstation, so you would obviously think "if they are certified, they are safe". But even so obviously you are better off to download the uncertified ones from untrustworthy sources. Chances of "infection" are less than downloading from HP itself.
(Really, do the math: Download at HP, certified driver section = 100% chance to get a keylogger; download at chinahackerswilldestroyyourmachine.cn is statistically less! :-P)

Does anyone know if there is a driver release without keyloggers, even if they are "old" like two or three years? I really don't care, if they do not contain any malware.

sverek
Senior Member



Posts: 6074
Joined: 2011-01-02

#5500363 Posted on: 12/12/2017 08:45 AM
Why keylogger even exists. It's just asking for trouble.

2 pages 1 2


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2021