HP has released a patch to remove keylogging software that was accidentally installed on nearly 500 computer models. These laptops were released with software that can track every key stroke. The patch will plug the security flaw in select laptops sold within the last five years, including G2 Notebooks, EliteBooks, EliteBook Folios and ProBooks, Evening Standard reported.
The company has asked the owners of HP computers to install it as soon as possible. The issue was discovered by Michael Myng, who discovered a deactivated keylogger in software on over 460 models of HP laptop, the report added.
After Myng raised the issue with the company, HP acted "terrificly fast" and said that the keylogger was erroneously present as a "debug trace". "A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners," HP's summary of the issue stated.
"A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue." The keylogger feature is deactivated in the default setting but an attacker with physical access to the computer could easily turn it on, the report pointed out.