Protect Online HP LaserJet Printers; Download HP Firmware Updates Now!
More than a month ago, we passed on a warning provided by HP regarding a vulnerability that was discovered in the web administration interface of some HP LaserJet models when these are connected to the internet. Basically, the weakness allows hackers and attackers to control the printer remotely using the internet.
HongZheng Zhou of McAfee Avert Labs Blog posted an article Tuesday about HP printers that are still vulnerable to attack. He searched Google for ‘contrallable’ printers and came up with almost 50. Furthermore, almost all of them were not yet patched, despite the fact that HP released firmware updates to address this vulnerability in early February. It looks like there are administrators out there who are ignoring printer device security.
Once again, here are the models that are vulnerable to third party attacks:
- HP LaserJet 2410
- HP LaserJet 2420
- HP LaserJet 2430
- HP LaserJet 4250
- HP LaserJet 4350
- HP LaserJet 9050
- HP LaserJet 4345mfp
- HP LaserJet 9040mfp
- HP LaserJet 9050mfp
- HP Color LaserJet 4730mfp
- HP Color LaserJet 9500mfp
Some of you may be wondering – so someone will try to remotely send a print job to my printer, so what? For companies, which are the entities who normally have online printers, this can actually be an issue. The ability to control the printer may actually serve as a gateway for serious hackers who will then attempt to control the other components of the system.
Besides, the mere fact that someone can actually send unnecessary print jobs to your printer will result in wasted paper and will make you or your company open to ‘spam printouts’, where hackers/spammers will take advantage of free advertising and send prints upon prints your way.
We reiterate what we said in February about the spread of the Conficker worm, which stressed the importance of keeping abreast with security bulletins from manufacturing companies.
So, if you have not already done so, protect your HP LaserJet; restrict access to your printer and download the HP firmware updates today.
Tags: HO laserjet, HP printer, HP printer attack, laserjet printerRelated posts
(No Ratings Yet)
Loading ...Posted by PrintFriendly on March 19th, 2009
2 Comments »
[...] Printers Over the Internet A few posts back, we sent out a reminder for administrators and owners of HP printers that are set up for remote access through the Internet [...]
March 19, 2009 @ 9:53 pm
Conficker virus do not inject any computers through Internet . they just activitily inject through LAN by MS08-67.