HP release a shame fix for their Synaptics touchpad drivers, fix number HPSBHF03564 rev 1 - Synaptics Touchpad Driver Potential, Local Loss of Confidentiality
A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.
The keylogging code was present in the SynTP.sys file, which is part of the Synaptics Touchpad driver that ships with some HP notebook models.
"The logging was disabled by default but could be enabled by setting a registry value," said Michael Myng, the security researcher who discovered the flaw earlier this year.
That registry key is:
HKLM\Software\Synaptics\%ProductName%
HKLM\Software\Synaptics\%ProductName%\Default
%ProductName% might be “SynTP” or “PointerPort”. The value type is DWORD.
See my post on Windows 10 opt out on spying telemetry
This will affect IBM Thinkpads as well, even though not yet announced.
Sources:
- https://www.computerworld.com/article/3238512/microsoft-windows/hp-stealthily-installs-new-spyware-called-hp-touchpoint-analytics-client.html
- https://www.bleepingcomputer.com/news/hardware/keylogger-found-in-hp-notebook-keyboard-driver/
No comments:
Post a Comment