Hewlett Packard Enterprise – Keyboard Driver Has Keylogger

Hewlett Packard Enterprise computers have what is known as a keylogger. This keylogger can potentially store your computer activity, including everything that you type. A security researcher, Michael Ming, stumbled upon a keylogger built into Hewlett Packard Enterprise keyboard driver.

Someone had asked Michael to see if he could write some code in order to control the backlit on Hewlett Packard keyboards. Instead he stumbled upon Web Plus Project keylogger code. This computer code saved scan codes when enabled.

This keyboard keylogger was enabled by setting a registry value that required User Account Control permission. This individual contacted Hewlett Packard Enterprise, which then acknowledged this keylogger and released a patch. The keyboard driver in question is syntp.sys which stands for synaptics.

Interestingly, Hewlett Packard identified this patch as local loss of confidentiality. This patch was released on November seven two thousand seventeen. This patch can be installed on Hewlett Packard notebooks, mobile thin clients, and mobile workstations.

Administrative privileges would be needed to enable this keyboard keylogger. However, this is still a major security vulnerability. Hewlett Packard claims that no individual from their company or Synaptics has access to customer data.

You can verify whether or not their is a patch for your Hewlett Packard computer at this Hewlett Packard Enterprise web page. Each computer model has a downloadable softpaq. In order to install this patch, just download the appropriate softpaq for your computer and then install.