HP laptop found to secretly store what users type

The firm has issued an urgent security update

HP laptop found to secretly store what users type

Paul Sakuma / AP

Researchers have warned that a number of HP laptops contain built-in 'keylogging' technology. 

Everything typed by the user on the keyboard is stored in plain text on the computer, meaning passwords, usernames and credit card details are vulnerable if the laptop falls into the wrong hands. 

HP has issued a fix for the affected models. 

Modzero says the following types of laptop featured the keylogger:

  • HP EliteBook G3 Notebook PC, models 820, 828, 840, 848, 850
  • HP ProBook G2 Notebook PC, models 640, 645, 650, 655 
  • HP ProBook G3 Notebook PC, models 430, 440, 446, 450, 455, 470
  • HP EliteBook G3 Notebook PC models 725, 745, 755
  • HP EliteBook G1 Notebook PC model 1030
  • HP ZBook 15u G3 Mobile Workstation
  • HP Elite x2 1012 G1 Tablet, with and without Travel Keyboard 
  • HP Elite x2 1012 G1 Advanced Keyboard
  • HP EliteBook Folio 1040 G3 Notebook PC
  • HP ZBook G3 Mobile Workstation HP, models 15, 17, Studio
  • HP EliteBook Folio G1 Notebook PC

The software was not installed intentionally, according to the researchers. 

"There is no evidence that this keylogger has been intentionally implemented. Obviously, it is a negligence of the developers - which makes the software no less harmful," Modzero's researchers wrote.

A spokesperson for HP has acknowledged the issue. 

"HP has no access to customer data as a result of this issue. Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version."

If you have one of those laptop devices, you can find the files by going to the following location on your computer:  C:WindowsSystem32MicTray.exe or C:WindowsSystem32MicTray64.exe.