Straight-out-of-a-box laptop is supposed to be a fresh start: no redundant files, no malware, no spyware, just a clean slate. Of course, expectations are not necessarily a concern for anyone these days and they are bound to be broken. Is your HP laptop purchased sometime from December of 2015 to 2016?
Apparently, there might have been a vulnerability of great substance in these devices that millions of users turned to for daily operations. Positive aspect to mention is that hackers somehow missed their chance to cause disruption: no reports suggest that the security flaw was ever exhausted by crooks.
What is the main point in question? Modzero AG is a service that provides detailed security analysis. It specializes in detecting relevant issues, vulnerabilities, flaws in designs/developments, operations and in other fields, having direct bearing on the high-tech industry. These researchers were the ones to reveal that HP computers contained an imperfection in their audio drivers.
The software is officially supposed to indicate when exclusive buttons on the keyboard are clicked and for how long. As it appears, poorly generated software is capable of doing much more: it functions as a key-logger and has the capacity of recording every press of keyboard. So, what does this mean? If users operated with HP laptops that had the flawed versions of audio drivers, their every keystroke was recorded and stored in an easily accessible folder of System32. Good news is that the recordings were deleted after some time, but they were replaced with by the newly incoming entries.
As you might assume, this might have caused some severe damage if hackers had only known about such vast possibilities. If users logged into online banking accounts, their credentials were collected. You might assume that a key-logger would not be able to gather passwords because they are replaced by * or other symbols. Sadly, this is not true: this type of spyware is all-seeing.
Currently, both the manufacturer of audio drivers Conexant Systems Inc. and the HP Inc. are not very eager to talk about this situation. Apparently, it might have been quite easy to avoid all of this nuisances if only developers would have done their job properly. Even though it would be easy to blame vicious third-parties for causing disruption again, they are not regarded as responsible in this case.
Lastly, we found out that HP did make certain statements about this situation and reassured that security researchers are attempting to produce a proper fix. Of course, it is unknown when a solution will be on their way to users. If have an HP device, please whether it is not one of these models:
Source: modzero.ch