Few days back Security researchers at Swiss Security Consultancy firm Modzero made public a critical Hp laptop keylogger vulnerability they found in Conexant HD Audio Driver.
The suspected audio driver was keeping a log of user’s keystrokes. That too in an unencrypted file. The path of keylog file is C:\Users\Public\MicTray.log .
Image Credit :- Flickr.com/robbi73
Before going public with the discovered vulnerability both the companies HP and Conexant were informed. After failing to get a response from both the companies, the researcher went public.
What is CVE-2017-8360 Vulnerability?
What goes in favor of both Hp and Conexant is that researcher has concluded that the vulnerability seems to be unintentional.
The said module was originally tasked to capture keystrokes so that speaker volume can be increased or decreased with keyboard Short-Keys.
The .exe file in question MicTray.exe created an unencrypted key log file at c:\users\Public\. Which can be accessed by a malware or hacker with malafide intentions. Anyone with physical access to the system can also lay his/her hands onto this file.
It may be possible that other vendors using Conexant Audio Chipset might also be affected by this vulnerability.
Models affected by Hp Laptop Keylogger Vulnerability.
Some of the prominent laptop models which includes HP Elitebook, HP Zbooks, HP Probooks are compromised.
How to Check if your systems is affected by keylogger Vulnerability
You can search your system manually for MicTray.exe or MicTray64.exe files. if the said files are present in C:\Windows\System32 folder. Then your system is vulnerable.
In case the above-mentioned files are present in your system. It is advised to search for MicTray.log file and delete it as soon as possible.
Do check for new updates via Windows Update as HP has pushed an update to fix this issue.