After it was revealed that an audio driver installed on several HP laptops contained a feature that secretly recorded every keystroke entered into the computer, we reached out to HP for comment and were informed by a member of the company’s crisis communications team that a new audio driver is now available with the keylogging feature removed.
Although the release notes for the updated Conexant HD audio driver dated May 14th simply state "provides update for audio issue," digging deeper we found a security bulletin that appears to address the issue directly listing the security impact as "potential, local loss of confidentiality."
According to the company, the keylogging feature was in fact a debugging tool that was simply not disabled prior to product launch.
From the security bulletin:
A potential security vulnerability caused by a local debugging capability that was not disabled prior to product launch has been identified with certain versions of Conexant HD Audio Drivers on HP products. HP has no access to customer data as a result of this issue.
A list of almost 90 affected desktop / laptop systems can be found here. The updated Conexant HD audio driver can be downloaded here.
Bad for the team too to have missed it in code review.
Fking with their cash is the only way you'll hold them to any form of standard or accountability.
Right now they just shrug their shoulders and give you the finger.
Ted: Sure, as soon as I find where the hot pockets are.
"Ted frantically searches for 5 minutes before finding his beloved hot pockets"
"Ted tosses his hot pockets into the microwave and pushes the hot pockets button"
"Ted eats his tasty hot pockets"
Ted: What was John saying I had to do?
Ted: Meh, never-mind probably wasn't important
lol American's sue over the most humorous thing like if there phone gets a sctratch. nobody sue's HP because everyone knows to stay away from them