Hewlett-Packard has released a fix for a problem in its laptops that made it possible to record everything users typed.
The privacy issue was discovered by security researcher Michael Myng, who identified keylogging code in drivers for the laptops’ touchpads.
The code was not enabled by default, but someone with administrative privileges could activate it. In other words, it shouldn’t let people turn your laptop into a bug from afar.
The computer-maker said in a statement that neither it nor Synaptics (SYNA), the company that provided the driver, “has access to customer data as a result of this issue.” The code was apparently there to help developers fix problems with the touchpad, and it also affects other manufacturers using Synaptics drivers.
“I messaged HP about the finding,” Myng, who uses the handle “ZWClose,” wrote on his blog. “They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”
While it seems that the code’s inclusion was accidental, it’s still not a good look for HP, given that the manufacturer was found earlier this year to be using Conexant audio drivers that also contained a keylogger.