HP issues patch for keylogger found on dozens of laptop models

News broke yesterday that several of HP's laptop models dating back to December 2015 contain a keylogger as part of an audio driver provided by Conexant. In the wake of media and user scrutiny over the issue, HP is providing a fix.

The keylogging behavior was discovered by Swiss security firm ModZero. While the intent on behalf of Conexant was not malicious, the audio chip maker apparently took the lazy approach of coding its audio drivers to monitor and record keystrokes to detect when a hotkey is pressed. This allowed users to press key combinations for things like turning a microphone on and off.

On affected laptops, key presses get recorded and stored in a plain text log file. Even though the logs are wiped clean whenever a user logs off, every keystroke is recorded while logged in, including personal communications, passwords, and so forth.

ModZero said it tried contacting HP and Conexant about the issue, but was shrugged off by HP Enterprise and flat out ignored by HP Inc. and Conexant. Since nobody from HP or Conexant was wiling to own up to the issue, ModZero decided to publish the information in accordance with its responsible disclosure process.

As news spread of the keylogging audio driver, HP has begun pushing out a patch through both Windows Update and its own website.

"HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue," HP told ZDNet.

HP vice president Mike Nash provided some additional information to ZDNet late last night, saying that a fix is currently available for newer 2016 and later models affected by this. Older 2015 models will receive patches sometime today.

Nash did not say how many models or customers are affected, though he did note that the keylogging behavior was mistakenly added to the final audio driver and was never meant to reach end user laptops.