A security researcher reports finding keylogging software preinstalled on 460 models of HP laptop, including those in the EliteBook, ProBook, Pavilion and Envy lines. It's part of the keyboard driver suite and disabled by default, but accessible to anyone who otherwise compromises the machine.
According to HP, it was originally built into the Synaptics software to help debug errors.
It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.
HP posted a full list of affected models with links to patches for each to remove the keylogger: "Notice: The information in this security bulletin should be acted upon as soon as possible."
Someone had a busy weekend!