HP Is Shipping Laptops With A Massive Security Flaw

Since we live in a world of sex toys that secretly spy on you and cheap gadgets turned into zombie networks that crash the internet, a major computer supplier is shipping laptops with malicious code isn’t surprising. What is surprising is that the malicious code in question wasn’t the product of some hacker mastermind; instead it’s all down to nobody at HP stopping to think about what the heck they were doing.

Discovered by ModZero, Hewlett Packard has accidentally turned one of its audio drivers (the software that lets your computer talk to your speakers) into a piece of software that logs everything you type. The driver, called MicTray or MicTray64, is designed to detect when you hit a special key, but it’s so poorly coded that it just watches every keystroke, and even records them, waiting to spring into action. The file is wiped when you log out of your computer, but if you never do that, or if you have rigorous backups like you’re supposed to, everything you’ve written could be recorded, including any passwords you type in. That information, if in the wrong hands, could be mined and sold giving the highest bidder a good look at all of your private date. The worst news? This security risk appears to affect all of HP’s latest laptops.

You can delete the software, of course, but some special keys may not work without the driver. To do that, open Windows Explorer, then This PC, then Windows, then System32, and then look for MicTray.exe or MicTray64.exe. If you’re a bit more comfortable with computers, though, try this solution from Reddit that keeps the driver active while shutting down the keylogger aspects. Either way, though, shut it down; until HP fixes this driver, it’s putting your data at risk.

(Via The Next Web)

×