HP Plugs Security Hole With LaserJet Firmware Update, Says No Record Of Printers Set Ablaze By Hackers

Remember when researchers claimed a massive security vulnerability could potentially enable hackers to remotely take over Hewlett-Packard LaserJet printers and even cause them to burst into flames? Fun times, for sure.

Of course, HP was quick to point out that the researchers had it all wrong, lamented the “sensational and inaccurate reporting” surrounding the supposed security flaw and said not a single customer had reported any instances of unauthorized access to its LaserJet printers.

Nevertheless, the company recognized that there was indeed a potential security vulnerability with printers placed on a public network without a firewall, and at the time said it would soon issue a fix.

This morning, HP announced that the firmware update is now available and said it has still not received any customer reports of unauthorized access. From the looks of it, not a single hacker exploited the security flaw to burn down a house, skyscraper, hotel, casino, school or shed.

The company reiterated its recommendation to secure devices by placing printers behind a firewall and to disable remote firmware upload on exposed printers whenever possible.


  • HEWLETT-PACKARD

Hewlett-Packard Company (NYSE: HPQ), commonly referred to as HP, is an American multinational information technology corporation headquartered in Palo Alto, California, USA. HP is one of the world’s largest information technology companies and operates in nearly every country. HP specializes in developing and manufacturing computing, data storage, and networking hardware, designing software and delivering services. Major product lines include personal computing devices, enterprise servers, related storage devices, as well as a diverse range of printers and other imaging products….

Learn more

Article source: http://techcrunch.com/2011/12/23/hp-plugs-security-hole-with-laserjet-firmware-update-says-no-record-of-printers-set-ablaze-by-hackers/

View full post on National Cyber Security