Security Alert (A17-12-06): Vulnerability in Hewlett-Packard (HP) Products


 

Published on: 11 December 2017

  
  

Description:

HP released a security update to fix a vulnerability identified in certain versions of Synaptics touchpad drivers used by some models of HP products. An attacker would need administrative privileges to exploit the vulnerability.

 

Affected Systems:

  • HP Commercial Notebooks
  • HP Mobile Thin Clients
  • HP Mobile Workstations

A complete list of the affected models can be found at:

https://support.hp.com/us-en/document/c05827409

 

Impact:

Successful exploitation of the vulnerability could lead to information disclosure on an affected system.

 

Recommendation:

HP has released patches to address the vulnerability. Patches for affected models could be found from the following URL:

https://support.hp.com/us-en/document/c05827409

Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.

 

More Information:

https://support.hp.com/us-en/document/c05827409
https://zwclose.github.io/HP-keylogger/

 



Tag: HP , Commercial Notebook , Mobile Thin Client , Mobile Workstation , Synaptics
Tags