Hello guys
Let me aware the HP users...
Today I will be going to inform you about another flaw of HP laptops. Before that let me remind you one of our previous article related to such news which you can prefer from the link given below:
https://newageinformers.blogspot.in/2017/05/hp-laptops-not-secure-for-its-uers.html
The latest news coming from the researchers are that the HP notebook models have an embedded keylogger. Yes, HP notebooks have keylogging software installed in it when it is manufactured. The malicious code which works as a software keylogger was embedded in a file called SynTP.sys. It is the module of the Synaptics Touchpad driver which has been shipped with mostly all HP notebook models.
The same flaw was identified by a security researcher named ZwClose, earlier this year. He said, "The logging was disabled by default but it could be permitted by setting a registry value." He also gave the registry value which is as given:
HKLM\Software\Synaptics\%ProductName%HKLM\Software\Synaptics\%ProductName%\Default. This flaw can be used by the malware developers in order to spy on the users who are using system provided tools. The more surprising fact is that it is undetectable by the security products like anti-virus or anti-malware softwares. Attackers just need to be careful of UAC prompts while changing the default registry value.
What is UAC prompt?
The full form of UAC is User Account Control (UAC). It is a technology developed by the Microsoft to ensure the security of Microsoft Windows by limiting application software to standard user privileges. Only trusted applications by the users will be able to get installed and this way operating system will be protected from malware.
Nowadays there are lots of methods to bypass the UAC prompt and this way the attackers will be able to spy on the victim. ZwClose also said that the keylogger saved scan keys to a WPP trace. While WPP was created by the Microsoft and it is used to record information about program execution. As this issue was reported, the HP developers admitted that the keylogging code was leftover from debugging settings. They said that they had released an update to remove thee trace.
As we discussed it in the staring of an article that this is not the first time HP notebooks are facing vulnerabilities. HP later on declared a list of affected models and it includes HP's 25*, 15*, OMEN, mt**, Pavilion, Zbook, EliteBook and also ProBook series with a lot of Compaq models. So, before purchasing any device, you must know the detail information about that device.
To stay safe keep reading our upcoming articles by following us here:
facebook: CLICK HERE!!!!!!!!!!
Twitter: @NewAgeInformers
Instagram: @new_age_informers_
Let me aware the HP users...
Today I will be going to inform you about another flaw of HP laptops. Before that let me remind you one of our previous article related to such news which you can prefer from the link given below:
https://newageinformers.blogspot.in/2017/05/hp-laptops-not-secure-for-its-uers.html
The latest news coming from the researchers are that the HP notebook models have an embedded keylogger. Yes, HP notebooks have keylogging software installed in it when it is manufactured. The malicious code which works as a software keylogger was embedded in a file called SynTP.sys. It is the module of the Synaptics Touchpad driver which has been shipped with mostly all HP notebook models.
The same flaw was identified by a security researcher named ZwClose, earlier this year. He said, "The logging was disabled by default but it could be permitted by setting a registry value." He also gave the registry value which is as given:
HKLM\Software\Synaptics\%ProductName%HKLM\Software\Synaptics\%ProductName%\Default. This flaw can be used by the malware developers in order to spy on the users who are using system provided tools. The more surprising fact is that it is undetectable by the security products like anti-virus or anti-malware softwares. Attackers just need to be careful of UAC prompts while changing the default registry value.
What is UAC prompt?
The full form of UAC is User Account Control (UAC). It is a technology developed by the Microsoft to ensure the security of Microsoft Windows by limiting application software to standard user privileges. Only trusted applications by the users will be able to get installed and this way operating system will be protected from malware.
Nowadays there are lots of methods to bypass the UAC prompt and this way the attackers will be able to spy on the victim. ZwClose also said that the keylogger saved scan keys to a WPP trace. While WPP was created by the Microsoft and it is used to record information about program execution. As this issue was reported, the HP developers admitted that the keylogging code was leftover from debugging settings. They said that they had released an update to remove thee trace.
As we discussed it in the staring of an article that this is not the first time HP notebooks are facing vulnerabilities. HP later on declared a list of affected models and it includes HP's 25*, 15*, OMEN, mt**, Pavilion, Zbook, EliteBook and also ProBook series with a lot of Compaq models. So, before purchasing any device, you must know the detail information about that device.
To stay safe keep reading our upcoming articles by following us here:
facebook: CLICK HERE!!!!!!!!!!
Twitter: @NewAgeInformers
Instagram: @new_age_informers_
Comments
Post a Comment