HP “Keylogger” a Mistake, is Already Fixed

Posted on May 12, 2017 by Paul Thurrott in Hardware, Windows 10 with 13 Comments

HP "Keylogger" a Mistake, is Already Fixed

A wide-reported “keylogger” found in many HP PCs is a debugging tool that inadvertently shipped on production machines, HP tells me. Better still, the problem is already fixed.

This episode is obviously reminiscent of the infamous “Superfish” fiasco, in which that firm’s consumer PCs were found to have malware installed that was designed to spy on users. Superfish was both stupid and a technical error on Lenovo’s part, but that company later turned things around nicely and embraced the Clean PC initiative.

In HP’s case, the “keylogger” is not malicious and wasn’t supposed to ship on production PCs. Instead, the code is used to debug device drivers while in testing only. HP just shipped the wrong version of the driver on its PCs.

I spoke with HP’s Mike Nash about this incident last night. He told me that the company never logged any data from customers, and that the fix—via the production version of the impacted drivers—was already deployed to Windows Update. So if you have an HP PC and are worried about this issue, just check for updates.

The “keylogger” was found by security researchers at Modzero, who informed HP of the issue but went public before the PC maker could release a fix.

“There are very few situations where you would describe a keylogger that records all keystrokes as ‘well-intended’,” the Modzero alert notes. Reporting the issue before the fix was available is likewise hard to describe as “well-intended.” The idiocy continues: “So what’s the point of a keylogger in an audio driver? Does HP deliver pre-installed spyware? Is HP itself a victim of a backdoored software that third-party vendors have developed on behalf of HP? The responsibility in this case is uncertain, because the software is offered by HP as a driver package for their own devices on their website.”

We don’t need to speculate. It was an honest mistake. It’s been fixed. Moving on.


Tagged with

Elevate the Conversation!

Join Thurrott Premium to enjoy our Premium comments.

Premium member comments on news posts will feature an elevated status that increases their visibility. This tab would allow you to participate in Premium comments with other premium members. Register to join the other Premium members in elevating the conversation!

Register or Subscribe

Join the discussion!


Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate