An audio driver supplier called Conexant may have accidentally implemented the keylogging function Over two dozen HP laptop models have been secretly recording users’ keystrokes, possibly by mistake, according to a Swiss security firm.The keylogger is found within the PCs’ audio driver software and has existed since at least Dec. 2015, the security firm Modzero said in a Thursday blog post. The audio driver was designed to identify when a special key on the PC was used. But in reality, the software will capture all the keystrokes and write them in an unencrypted file located on the laptop.+ HP’s ANSWER: HP rolls out patch to fix keylogging bug in certain laptops + In other cases, the keystrokes will be passed to a Microsoft Windows debugging interface on the PC, and expose them to possible capture, Modzero said. “There is no evidence that this keylogger has been intentionally implemented. Obviously, it is a negligence of the developers,” the security firm said in its blog post. Nevertheless, the keylogger still poses a security risk. Anyone, including malware writers, can look up what a user has been typing by exploiting the affected audio driver or looking up the log file created.“Investigators with access to the unencrypted file-system might be able to recover sensitive data of historic key logs as well,” Modzero said.In a short statement, HP said it was aware of the issue. “HP has no access to customer data as a result of this issue. We have identified a fix and will make it available to our customers,” the company said.According to Modzero, the audio driver is used in certain HP EliteBook, ProBook, ZBook models. A full list of affected products can be found here.Fortunately, the software is easy to remove. It’s located at c:WindowsSystem32MicTray64.exe or C:WindowsSystem32MicTray.exe and can be deleted, although this may cause the special function keys on the laptop to no longer work. The keystroke log file it creates should also be erased, and is located at C:UsersPublicMicTray.log. Modzero said the developer of the audio driver is a U.S. company called Conexant, which produces audio and voice related applications. Conexant did not immediately respond to a request for comment.Modzero discovered the problem on April 28, but claimed that both HP and Conexant hadn’t responded to the security firm’s contact requests. Thorsten Schroeder, CEO of Modzero, said other laptops from Dell, Lenovo and Asus don’t appear to have the same problem. But because Conexant appears to develop software for other hardware vendors, the keylogging issue may exist in other devices, he said in an email. Have you found this also? Let us know on our Facebook page. Related content news Immersive Labs adds custom 'workforce exercising' for each organizational role With the new workforce exercising capability, CISOs will be able to see each role’s cybersecurity readiness, risk areas, and exercise progress. By Shweta Sharma Sep 27, 2023 3 mins Security Software Security news Sysdig unveils cloud attack graph based on real-time threat data Sysdig also announced a new cloud inventory and agentless scanning capabilities to tackle cloud security risks. By Michael Hill Sep 27, 2023 3 mins Threat and Vulnerability Management Cloud Security Storage Security feature What’s a cyber incident response retainer and why do you need one? Whether you need to hire a team to respond to any and all cyberattacks or just some hired guns to boost your capabilities, incident response retainers can ensure you’re covered. By Linda Rosencrance Sep 27, 2023 8 mins Cyberattacks Incident Response Security Practices brandpost How an integrated platform approach improves OT security By Richard Springer Sep 26, 2023 5 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe