Drivers are indispensable for daily use of computers. If the driver fails, the corresponding functions will also have problems. If we detect a problem with the sound card driver on the computer, we should repair the driver accordingly. Repair, or simply uninstall and reinstall the driver.
The driver is indispensable in daily use of the computer. If the driver fails, the corresponding functions will also have problems. If we detect the sound card driver on the computer If there is a problem, we should repair the driver accordingly, or directly uninstall and reinstall the driver.
The sound card driver of HP notebooks can generally be installed on the official website, or updated through the driver manager that comes with the system. On the official website, users need to select the corresponding notebook model and *** operating system. *** Just install the corresponding sound card driver. If it is inconvenient to install, users can also use third-party driver management software such as Driver Wizard for automatic installation and updates.
Over 100 HP computer keyboards have been "monitored" and the account and password entered are easily stolen
China HP low-key handling expert: This kind of vulnerability occurs" Unbelievable” ■IT Times reporter Xu Lianlian and Hao Junhui
“Do you have an HP laptop? If so, stop everything you are doing and listen to me. Every keystroke you make on the HP laptop is being quietly recorded. ." Swati Khandelwal, IT Analyst When I wrote this warning two months ago, I probably didn’t expect that Chinese consumers would still be ignorant of this potential threat two months later.
Recently, the Department of Statistics and Information of a certain Chinese ministry issued a "Network and Information Security Risk Notice" (hereinafter referred to as the "Notice"), which revealed that a hidden keylogger was found in the audio driver of HP computers, and all the user's keystrokes were Records are monitored and stored in plain text to text files.
After two months of silence, the HP computer recording user keyboard incident has once again been pushed to the forefront. User privacy and security have encountered the most severe test in history at the hardware level.
Computer keyboard information was secretly recorded
In May this year, researchers from the security company Modzero were inspecting Windows Active Domain's infrastructure discovered a built-in keylogger in the HP sound card audio driver that monitors all user keystrokes.
According to public information, the sound card driver package where the problem was discovered was provided by Conexant. Conexant Systems is a world-renowned independent research and development manufacturer of communications electronics semiconductors. It provides audio chips to PC manufacturers HP and Dell. , Thinkpad, etc. Laptops have many shortcut keys. The recognition and response of these shortcut keys to keystrokes are implemented by drivers written by hardware manufacturers. In order to test the effectiveness of shortcut keys, all keystrokes are usually recorded in the log during debugging. "If these debugging information are still retained in the released official version of the driver, it will cause security risks, causing the user's keystroke records to be retained in the log file." An Yang, a 360 security expert, said in an interview with a reporter from "IT Times" that keystrokes entered through the keyboard The information will be recorded in the local log. If the device is infected with a Trojan and the Trojan steals this log file, the keyboard input information will be leaked.
In other words, in a malicious situation, because of the existence of this "monitor", all the information entered by the user on the computer, including account information, chat records, passwords and other sensitive information may be Give way.
When overseas media announced this vulnerability in May, it caused a big earthquake in the domestic security circle, and many security manufacturers conducted follow-up analysis. However, many HP consumers in China do not know what threats such keylogging will bring to their privacy. "IT Times" reporters interviewed many HP computer users, and they all said that they had never heard of this matter and had never thought about updating the driver.
"The vulnerability that appeared in HP this time is a high-risk vulnerability. The main reason why there is no response from consumers is that there are no specific vicious cases yet." A senior security expert analyzed it this way.
Vulnerability notifications are "hidden" deeply
Article 22 of China's "Cybersecurity Law", which was officially implemented on June 1 this year, stipulates that network products and services should comply with relevant national standards mandatory requirements. Providers of network products and services are not allowed to set up malicious programs; when they discover that their network products and services have security flaws, vulnerabilities and other risks, they should immediately take remedial measures, promptly notify users in accordance with regulations, and report to the relevant competent authorities.
“This is a security risk caused by product defects,” Anyang said. Under certain circumstances, the vulnerability of HP keylogger can cause serious harm to users. However, on the homepage of HP's official Chinese website, the "IT Times" reporter did not find any official statement on this incident, nor did he find a patch for this vulnerability in an obvious position on the "HP Technical Support" page.
According to Modzero's report, this keylogger has been present on HP computers since at least Christmas 2015. In 2015, the keylogging feature was introduced into the HP audio driver with the new 1.0.0.46 version as a new diagnostic feature. The report stated that 30 HP laptops were affected, including HP Elitebook 800 series, EliteBook Folio G1, HP ProBook 600 and 400 series, etc.
So the reporter randomly selected an affected laptop model-EliteBook Folio G1 for search. Only then did the website pop up a reminder, "Some versions of Conexant A potential security vulnerability has been identified in the HD Audio driver on some HP products. Please check if your computer is affected and install a software fix. ” At the same time, an article “SUPPORT COMMUNICATION (support communication)- "Security Bulletin", according to this bulletin, the computers involved in this vulnerability are not only the more than 30 laptops previously mentioned by Modzero, but 104 models, including HP business laptops, business desktop computers and consumer laptops.
It can be seen from the announcement that this announcement was published on May 15, 2017 and updated on July 10, 2017. These two time points happened to be after this incident was exposed twice by the Chinese media. A few days. On July 13, a reporter from "IT Times" opened HP's US website and published the same article about EliteBook. In the announcement of the Folio G1 keylogging vulnerability, the release date is May 12, and the update date is June 22.
According to the security company's statement, they discovered the issue on April 28, but neither HP nor Conexant responded. On May 11, Modzero released a white paper to disclose the matter. On May 12, HP issued a letter titled “HP : Modzero report on keylogger issue (HP: Modzero report on keylogger issue)" brief statement.
China HP’s customer service told the "IT Times" reporter that this patch requires customers to install and install it themselves Install and run. When the reporter asked whether HP would actively push patches, the customer service just said that they could send them directly to the reporter’s email address. *** Link. However, HP's previous statement in English stated that individual users can repair it through automatic updates of Windows, and enterprise users managed by the IT team can deploy it through standardized tools. However, the reporter did not find a Chinese version of this statement.
HP is the only PC manufacturer to have problems
A senior industry insider who has been engaged in the PC industry for more than ten years told the "IT Times" reporter that HP's situation is very common in the PC circle. It’s rare and incredible. “It is a unilateral problem of HP, and other PC manufacturers have not found similar problems so far.”
Why do hardware manufacturers have such security holes? According to HP, this product was developed by the supplier The software is only used for audio testing of the version before the official release of the product and should not appear in the final sales version. "Part of the debugging code in the sound card driver was mistakenly retained. This is an accident."
"As a global PC manufacturer, the reason for the vulnerability given by HP is not very acceptable. It is difficult to imagine that it was caused by the negligence of developers," Analysys terminal analyst Zhao Ziming said in an interview with reporters that many tools use Trojans. It records the user's input information through the keyboard. "When the entire PC environment is not very good, HP's approach is unwise. When competition with competing products is fierce, consumers are likely to abandon HP products because of security issues."
Is this another "pit" for HP?
At the CCTV March 15 party in 2010, HP V3000 and DV2000 notebooks became "star products". The quality of HP's notebook products (flashing screens, overheating) was exposed. At that time, HP encountered the biggest brand trust crisis in its 25 years in China.
It was also a year of radical expansion for HP in China. Zhang Yongli, then president and general manager of HP China, said at a subsequent media conference: "HP has expanded too quickly in the past few years, resulting in service and management errors." This was the first time HP apologized to Chinese consumers.
According to HP's 2009 fourth quarter financial report, in China, HP's PC sales increased by 40%, the growth rate ranking first among its peers. But after the meeting on March 15th, HP's sales in China plummeted.
In the past two years, with the strong rise of the mobile Internet, life for PCs has become increasingly difficult. However, HP has received good news recently: data released by IDC shows that although the global PC market in the first quarter of 2017 Shipment growth is still sluggish, but HP performed well and surpassed Lenovo to become the world's largest PC manufacturer.
IDC data shows that global PC shipments totaled 60.3 million units in the first quarter, a year-on-year increase of 0.6%. This is the first time quarterly PC shipments have rebounded since the first quarter of 2012. HP PC shipments were 13.1 million units, a year-on-year increase of 13.1%, and its share was 21.8%. According to the above-mentioned senior industry insiders, HP PC sales in China account for approximately 40%, or more than 5 million units.
PC seems to be showing signs of recovery, but HP's keylogger has cast a shadow on this good news.
Tips
Security experts’ suggestions for HP notebook users:
1. If the following files are found in the system: C:\Windows\System32\MicTray64.exe and C:\ Windows\System32\MicTray.exe, it is best to delete it or change the file name.
2. A simpler *** is to directly clean the plug-in through the computer cleaning function of some third-party security software and delete the above files.
3. *** HP official website, enter your computer model in the "Support" column, follow the prompts to *** and install.
The above is the detailed content of Where is the HP laptop sound card driver?. For more information, please follow other related articles on the PHP Chinese website!