The alleged keylogger was spotted by the security researcher Michael Myng. It allowed the information typed on the machine’s keyboard to be copied somewhere else using a WPP (Windows software trace preprocessor) trace operation, according to Myng.
The said keylogger was a debug trace intended for the development team to spot bugs. Removing the feature might have slipped off their mind.
But the feature is disabled by default and it can be enabled via Windows Registry only by a user with administrative privileges (UAC). HP was quick to address the vulnerability which would cause a “potential, local loss of confidentiality”.
“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. Neither Synaptics nor HP has access to customer data as a result of this issue,” the company said in a security advisory in November.
How to check and remove HP keylogger?
Now, to check whether you’re running an HP laptop with a deactivated keylogger installed, you can head over to the security advisory page and verify your laptop model from the list.
The links to the updated drivers are also present on the advisory page. Downloading and installing the same would remove HP keylogger from your system.
You can check the driver version by visiting C:\Windows\System32\drivers. Find and right-click the file called SynTP.sys. Go to Properties and see the Product version number under the Details tab.
The security patch for the vulnerability is available via Windows Update. So, if you haven’t disabled the automatic updates on your Windows PC, chances are high your system is already fixed as the update was released last month.