HP

HP has issued an update to remove a keylogging mechanism found in the audio drivers included with some of its high-end laptops.

HP Vice President Mike Nash told Axios — a tech news site — that his company had released an update to the maligned audio drivers last night.

The updates will reach users via Windows Update, with updates for 2016 laptop models going live last night, and updates for 2015 laptop models going live today.

If users can't wait, or they want to review the update package, the file is here, and an HP driver update summary is here.

Keylogger found on HP laptops sold since late 2015

The HP keylogger scandal came to light yesterday after Swiss cyber-security firm modezero discovered that the Conexant HD Audio Driver Package preinstalled on 28 HP laptop models came with a file called MicTray64.exe that logged all the user's keystrokes to a local file.

This log file was never sent to HP or Conexant, but its mere presence on users' computers was an issue, as malware or any other person could copy the file and extract passwords or online chats from that file.

That particular audio driver was only installed on 28 laptop models that HP had been selling since late 2015.

HP: Keylogger feature was just debugging code

Nash says the keylogger feature was only debugging code that was mistakenly left inside the driver package by the Conexant team.

The HP update not only removes the driver's keylogger capabilities, but also the log file where these keystrokes were saved. Users that have backups should take great care not to restore an older version of this log file, normally stored at "C:\Users\Public\MicTray.log".

Yesterday, when modzero published its report, some experts said that other vendors that also used that particular audio driver made by Conexant were also affected. At the time of writing, hardware and security experts weren't able to discover a similar feature in Conexant drivers installed on the laptops of other manufacturers.