An audio driver installed in several HP laptops contains a keylogger-type feature that records every keystroke entered into the computer into a log file, according to a security researcher.
Swiss security firm Modzero said in a security advisory posted Thursday that the keylogger activity was discovered in the Conexant HD audio driver package (version 22.214.171.124 and earlier), found on dozens of HP business and enterprise laptop models, including HP Elitebook, ProBook, and ZBook models -- including the latest Folio G1 laptop.
Anyone (or malware) with local access to the user's files on an affected computer, could obtain passwords, visited web addresses, private messages, and other sensitive information.
It's not known if HP's consumer laptops or if any other manufacturers are affected, however.
The pre-installed audio driver installs a driver located in the Windows system folder, which is scheduled to start every time the user logs in. Modzero describes the application as a crude way to check to see if a hotkey was pressed by monitoring "all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkey."
The application then logs each keystroke into an unencrypted log file stored in the user's home directory.
In the case that a log file doesn't exist, Modzero says that the driver's API can allow malware to "silently capture sensitive data by capturing the user's keystrokes."
We weren't immediately able to confirm the findings.