Posts Tagged ‘HP’

HP has an awful history of ‘accidentally’ leaving keyloggers onto its customers’ laptops. At least two times this year, HP laptops were caught with pre-installed keylogger or spyware applications.
tweet made by a security researcher claiming to have found a built-in keylogger in several HP laptops, and now he went public with his findings.

A security researcher who goes by the name of ZwClose discovered a keylogger in several Hewlett-Packard (HP) laptops that could allow hackers to record your every keystroke and steal sensitive data, including passwords, account information, and credit card details.

The Keylogger was found embedded in the SynTP.sys file, a part of Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP Notebook models vulnerable to hackers.

Although the keylogger component is disabled by default, hackers can make use of available open source tools for bypassing User Account Control (UAC) to enable built-in keylogger “by setting a registry value.”

Here’s the location of the registry key:

  • HKLM\Software\Synaptics\%ProductName%
  • HKLM\Software\Synaptics\%ProductName%\Default

The researcher reported the keylogger component to HP last month, and the company acknowledges the presence of keylogger, saying it was actually “a debug trace” which was left accidentally, but has now been removed.

A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners,” HP says in its advisory, calling the keylogger as a potential, local loss of confidentiality.

A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.

The company has released a Driver update for all the affected HP Notebook Models. If you own an HP laptop, you can look for updates for your model. The list of affected HP notebooks can be found at the HP Support website.

This is not the first time a keylogger has been detected in HP laptops. In May 2017, a built-in keylogger was found in an HP audio driver that was silently recording all of its users’ keystrokes and storing them in a human-readable file.

Advertisements

tv crime2

A critical vulnerability discovered in certain LaserJet Pro printers that could give remote attackers access to sensitive data. Homeland Security’s Computer Emergency Response Team recently issued a vulnerability note warning that HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data.

This flaw was discovered by a Germany security expert, Christoph von Wittich. He detected the vulnerability during a routine network scan of his company’s corporate network.

He said the vulnerability could also be used for a denial-of-service attack. “As long as the printer is not connected to the Internet, this vulnerability should not cause much trouble for the end user”.

Marked as CVE-2012-5215 (VU#782451, SSRT101078), vulnerability affected 12 printer models including HP LaserJet Pro P1102w, P1102w, P1606dn, M1212nf MFP, M1213nf MFP, M1214nfh MFP, M1216nfh Multifunction Printer, M1217nfw Multifunction Printer, M1218nfs MFP, M1219nf MFP, CP1025nw, and CP1025nw.

Users are advised to download updated firmware for printers impacted by the bug from the company’s Support Center site.

HP Support Center

HP SUPPORT COMMUNICATION – SECURITY BULLETIN

HP UPDATED FIRMWARE