Laptops coming with bloatware is a huge pain in the arse as it is, but matters get a thousand times worse when that bloat compromises security. It happened to Lenovo more than once, and now it's happened to HP.
Security company Modzero found a keylogger hidden inside Conexant audio driver. As the name suggests that keylogger records keyboard input in a log file. The log isn't being sent anywhere, but if someone knew where to look, and were to access the PC (in person or via a piece of malware), they could access the log file and see everything you've ever written. That includes potentially sensitive information like passwords.
Modzero has a list of the laptops affected, which includes some from the Elitebook, Elite, Zbook, and Probook range. HP has also reacted quickly, and has already released a patch (via Windows Update) for any of the laptops released in 2016 and 2015.
If your laptop has been affected, make sure to get that update installed pronto!
HP has released a statement reassuring customers that the logger has not given them access to any sensitive data, saying:
HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue. Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version."
This post originally appeared on Gizmodo UK, which is gobbling up the news in a different timezone.