HP Closes Firmware Flaw, Says No Reports of Exploits

 
 
By Fahmida Y. Rashid  |  Posted 2011-12-27 Email Print this article Print
 
 
 
 
 
 
 

Just before Christmas, Hewlett-Packard released a firmware update on its Website for some of its HP LaserJet printers to mitigate an issue in how the printers could be upgraded remotely. HP also said that not a single customer had reported any instances of unauthorized access to its printers.

In late November, researchers from Columbia University claimed the upgrade process for some HP laser printers was vulnerable and could result in printers being compromised as part of a larger attack. The researchers claimed the attackers could cause the printers to overheat and possibly catch fire. HP said at the time the reports of printers on fire were "sensational and inaccurate," but acknowledged the vulnerability existed.

There are still no such reports, a month after the initial research had been publicized, according to HP.

However, printers should still be secured by deploying them behind a firewall and disabling the ability to remotely upload firmware on exposed printers whenever possible, the company recommended.

 
 
 
 
del.icio.us | digg.com
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel