HP Claims 500 Laptop Models Have Keylogger Bug

Keylogger installed in HP laptops raised a security concerned among HP users. The news comes from a report of security researcher that HP laptops contained a malicious bug. The malicious bug was identified to be a dormant keylogger.

 

Keylogger is a malicious program that can record or track all your activities using a computer. The deactivated keylogger in HP laptops poses a threat to thousands of its users. This means that a hacker can actually spy on them.

 

Aside from spying, hackers can steal their personal and confidential information. In short, keylogger is a nasty program that poses security threat to everyone.

 

Meanwhile, security experts claim that this dormant keylogger was found in nearly 500 HP laptop models. The presence of bug in these laptops has caused some level of inconveniences to HP users. Upon learning the situation, HP has issued a list that contains laptop models installed with deactivated the malicious bug.

In addition, HP also released a software update that fixes the bug in these HP models. The keylogger was found to be attached in the Synaptics software. What’s HP users should be thankful is that the nasty program is deactivated.  This means that a hacker must trigger the activation of the dormant malicious bug via administrative rights.

 

HP further said that the malicious bug can also affect almost of the Synaptics OEM partners. This means that all laptop brands that utilizes Synaptics might be affected as well.

 

“HP was advised of an issue that exists with Synaptics’ touchpad drivers that impacts all Synaptics OEM partners. HP uses Synaptics’ touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available in the security bulletin on HP.com. HP has no access to customer data as a result of this issue,” HP said in its statement.

Apple keyboards vulnerable to attacks

It seems that will be no rest in store for the Apple guys in the coming days.

Just last week, Apple had their hands full in fixing a critical bug that made iPhones susceptible to attacks carried out via SMS. Now, MacWorld reports another Apple device vulnerable to attacks. This time, its their keyboards.

The vulnerability was discovered by K. Chen, and he gave a talk about it at the Blackhat. He demonstrated that a malware that keeps track of what users type – popularly known as a keylogging application – could be installed in the keyboards, via their firmware. Hackers and scammers use this to retrieve passwords entered by a user.

Apple’s keyboards (both laptop and iMac keyboards) has about 8K of flash memory, and 256 bytes of working ram. This is enough space for a keylogging program to be installed.

And the worst part is, the keylogger is virtually undetectable even with the use of malware-scanning tools since the malware is not in the hard drive.

This is clearly a huge security problem that Apple needs to address; otherwise, I won’t be surprised to find more news about scams and hacks done through this vulnerability, splattered on the Web.

Source: http://tech.yahoo.com/news/macworld/20090805/tc_macworld/applekeyboardfirmwarevulnerabilitydemonstrated