Skip to main content
  1. Home
  2. Computing
  3. News

HP rolls out a solution for its ‘keylogger’ audio driver problem

Add as a preferred source on Google

Privacy and security are hot topics lately given the amount of malware that is constantly circulating throughout the internet by criminals and even government agencies with the purpose of accessing our personal and business information. At the same time, information is sometimes gathered inadvertently that could nevertheless end up making its way to nefarious parties.

In many cases, issues arise where a function that is meant to make things easier for users ends up being poorly executed. One example of exactly that phenomena seems to have created by an audio driver that has shipped in a number of HP PCs, Techspot reports.

Recommended Videos

Security firm Modzero discovered code in a Conexant audio driver that supports an HP feature that enables controlling audio hardware by using keyboard combinations that toggle features on and off. One example would be a hotkey for enabling and disabling the microphone.

This driver apparently intercepts and saves keyboard input in order to control the functionality. While it is meant to only grab onto the required key presses, it seems to grab all the key inputs and saves them to a file. Worse yet, the file is not encrypted, meaning it would be easy to access by malware in real time or after the fact.

modzero
modzero

Although the problem is somewhat mitigated by the fact that the file is overwritten after each start, the researchers note that it could exist in backup files and could thus be recovered well after the fact. You can check if your HP PC is affected by looking for the programs “C:WindowsSystem32MicTray64.exe” or “C:WindowsSystem32MicTray.exe” exist and renaming them if they do. If a “C:UsersPublicMicTray.log” file exists, then that should be deleted.

We reached out to HP to get its take on the situation, and it provided the following response:

“HP is committed to the security of its customers and we are aware of an issue on select HP PCs. HP has no access to customer data as a result of this issue. We have identified a fix and will make it available to our customers.”

Those weren’t just idle words, either, because the company had a fix in the works and started rolling it out over the weekend. If you own an affected HP PC, then you should see the following notification show up in Windows Update.

Mark Coppock/Digital Trends

This is obviously a mistake on the part of the driver developers and it is good to HP resolve the issue so quickly after its discovery. We note that there is no evidence that any malware or other software has made use of the data that is collected by the driver and so there is no reason to panic. Nevertheless, keep an eye out for the update, which should be installed as soon as possible.

Updated on 5-15-2017 by Mark Coppock: Added information about HP’s release of a fixed driver to Windows Update.

Mark Coppock
Former Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
macOS clipboard app Maccy has a fake out there stealing passwords
PamStealer malware is disguising itself as Maccy to target Mac users
Depicting of the Maccy clipboard app for macOS on a laptop with letters inb the background.

A fake version of Maccy, a popular clipboard manager for macOS, is being used to deliver a newly discovered Mac malware strain called PamStealer. Researchers at Jamf say the malware impersonates the real open-source app, but its actual purpose is to steal data and capture a victim’s login password.

PamStealer arrives as a disk image containing an AppleScript file that impersonates Maccy. Once the user opens that file, macOS launches it in Script Editor, where the on-screen instructions tell them to press Command-R. To someone expecting a normal app installer, that may look like an odd setup step. In reality, that action runs hidden malware code and starts the attack.

Read more
A new technology teaching drones to feel pain could stop your self-driving car from harming itself
Drones first, autonomous cars next. A pain-sensing system that detects failure before it happens has real stakes for self-driving vehicles.
Transportation, Vehicle, Car

When you sprain your ankle in the middle of a run, your body sends a pain signal to your brain, forcing you to stop. Essentially, the ability to sense pain stops you from pushing through the injury and causing further self-harm.

Researchers at Delft University of Technology and Wageningen University have applied this exact concept to drones, giving them a digital equivalent of a nervous system that recognizes a faulty part and triggers a pain-like warning signal. What's even more interesting is that the technology could find use in self-driving cars.

Read more
Claude Fable 5 is leaving subscriptions, but maybe not for good
High demand is pushing Claude Fable 5 out of subscriptions for now
Claude Fable 5 and Claude Mythos 5 Official Render

Anthropic’s most advanced publicly available Claude model is still leaving standard subscription access after July 7, but the company is now trying to calm fears that the move is permanent.

Fable 5 recently returned to Claude after drawing scrutiny from the U.S. government. Anthropic said it would be included on Pro, Max, Team, and select Enterprise plans for up to 50% of weekly usage limits through July 7. After that date, the model is set to move to usage-credit billing, meaning users will pay for access outside their regular plan limits.

Read more