Friday, 12 May 2017

Some HP PCs are logging keystrokes by accident.



Privacy and security are hot topics lately given the amount of malware that is constantly circulating throughout the internet by criminals and even government agencies with the purpose of accessing our personal and business information. At the same time, information is sometimes gathered inadvertently that could nevertheless end up making its way to nefarious parties.
In many cases, issues arise where a function that is meant to make things easier for users ends up being poorly executed. One example of exactly that phenomena seems to have created by an audio driver that has shipped in a number of HP PCs.
Security firm Modezero discovered code in a Conexant audio driver that supports an HP feature that enables controlling audio hardware by using keyboard combinations that toggle features on and off. One example would be a hotkey for enabling and disabling the microphone.


This driver apparently intercepts and saves keyboard input in order to control the functionality. While it is meant to only grab onto the required key presses, it seems to grab all the key inputs and saves them to a file. Worse yet, the file is not encrypted, meaning it would be easy to access by malware in real time or after the fact.
modzero
Although the problem is somewhat mitigated by the fact that the file is overwritten after each start, the researchers note that it could exist in backup files and could thus be recovered well after the fact. You can check if your HP PC is affected by looking for the programs “C:\Windows\System32\MicTray64.exe” or “C:\Windows\System32\MicTray.exe” exist and renaming them if they do. If a “C:\Users\Public\MicTray.log” file exists, then that should be deleted.
We reached out to HP to get its take on the situation, and it provided the following response:
“HP is committed to the security of its customers and we are aware of an issue on select HP PCs. HP has no access to customer data as a result of this issue. We have identified a fix and will make it available to our customers.”
This is obviously a mistake on the part of the driver developers and, hopefully, HP will resolve the issue soon. We note that there is no evidence that any malware or other software has made use of the data that is collected by the driver and so there is no reason to panic at this point. Nevertheless, keep an eye out for an update from HP, which should then be implemented as soon as possible.

For any queries comment us Below...

0 comments:

Post a Comment