Alerts Industry News

HP laptops found carrying keylogger in Synaptics touchpad driver

For the second time this year, Hewlett Packard (HP) computers have been found vulnerable to hacker attacks due to leftover debugging code that developers forgot to delete before shipping.

A researcher using the Internet handle “ZwClose” recently discovered what was essentially a keylogger in the Synaptics Touchpad driver used in almost all HP laptops, as well as laptops produced by other companies.

HP acknowledges the discovery and offers a vague outline in a security advisory.

“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners,” reads the document. “A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

ZwClose makes it clear that the debug trace, while turned off by default, could easily be enabled by setting a simple registry value. Since the keylogger saves scan codes to a WPP trace, it makes for an attractive vulnerability that hackers might try and exploit.

HP has since provided software updates for Synaptics touchpad drivers. The affected HP products are listed in the security advisory, with the designated patch next to the model name. HP is updating the document with new “softpaqs” as they become available.

In the meantime, you can visit the table and fetch the new Synaptics touchpad drivers for your respective model.

Since the vulnerability affects all Synaptics OEM partners, users of other laptop brands should expect patches to come their way.

One way to check if your laptop uses Synaptics touchpad technology is to open an Explorer window, right-click This PC, choose Properties, and select Device Manager from the list of services in the left pane. Scroll down until you see Mice and other pointing devices and expand the section to reveal the vendor. If you see a Synaptics reference, chances are your device model is affected.

About the author


Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.