Swiss based cyber-security firm Modzero AG recently released a whitepaper highlighting that a keylogging ability is present in Conexant HD audio drivers on select HP laptops and tablet PCs sold over the last 2 years. Conexant mistakenly included code used to debug an audio issue that was never intended to be included in the commercially shipped products. HP has confirmed that any data logged on a device is erased every time a user logs off or restarts their machine. Immediately following the Modzero AG report, HP provided a fix that turned off the debug capability. It published an updated set of driver packages to extend the fix by removing the debug logging source code from all Conexant HD Audio Driver packages.
HP recommends that customers update their drivers on these select HP PCs. The list of impacted devices and the fixes are available on HP.com and more details are available in its Security Bulletin.