(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Keyloggers like this one surreptitiously store passwords and other confidential data entered into a computer. (credit: infosectoday.com)

HP is selling more than two dozen models of laptops and tablets that covertly monitor every keystroke a user makes, security researchers warned Thursday. The devices then store the key presses in an unencrypted file on the hard drive.

The keylogger is included in a device driver developed by Conexant, a manufacturer of audio chips that are included in the vulnerable HP devices. That's according to an advisory published by modzero, a Switzerland-based security consulting firm. One of the device driver components is MicTray64.exe, an executable file that allows the driver to respond when a user presses special keys. It turns out that the file sends all keystrokes to a debugging interface or writes them to a log file available on the computer's C drive.

"This type of debugging turns the audio driver effectively into keylogging spyware," modzero researchers wrote. "On the basis of meta-information of the files, this keylogger has already existed on HP computers since at least Christmas 2015."

SEC Consult SA-20170511-0 :: Stack-based buffer overflow vulnerability in Guidance Software EnCase Forensic Imager
DefenseCode WebScanner DAST Advisory: WordPress User Access Manager Plugin Security Vulnerability
DefenseCode ThunderScan SAST Advisory: WordPress Tracking Code Manager Plugin Multiple Security Vulnerabilities
EMC RSA Adaptive Authentication (On Premise) CVE-2017-4978 Cross Site Scripting Vulnerability
DefenseCode ThunderScan SAST Advisory: GOOGLE google-api-php-client Multiple Security Vulnerabilities
SAP SAPCAR Local Heap-Based Buffer Overflow Vulnerability
Atlassian SourceTree CVE-2017-8768 Command Injection Vulnerability
Red Hat JBoss BRMS and BPM Suite CVE-2017-2674 HTML Injection Vulnerability
ImageMagick 'ept.c' Denial of Service Vulnerability
Google Android Mediatek Video Driver CVE-2017-0617 Privilege Escalation Vulnerability
ESA-2017-027: EMC Isilon OneFS NFS Export Upgrade Vulnerability
[CORE-2017-0001] - SAP SAPCAR Heap Based Buffer Overflow Vulnerability
ESA-2017-017: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability
Internet Storm Center Infocon Status