An eight year old security flaw has been found to be affecting 150 different HP Inc. multifunction printers, these could be potentially abused by the wrong person and used to take control of devices, steal sensitive information or infiltrate your networks.
These weaknesses are being called Printing Shellz were found by security specialist F-secure Labs On April 29th. The PC maker has issued patch changes.
An unsuspecting employee could have been led to a malicious website. In the process sending the exploit to the vulnerable MFP directly from the web browser in what’s known as a cross-site printing attack. “The website would, automatically, remotely print a document containing a maliciously-crafted font on the vulnerable MFP, giving the attacker code execution rights on the device,” the security specialist said.
What you can do:
- Updates: It is important to keep all your HP hardware up to date.
- Enforce network segmentation: This way if your network does get infected you can stop the infection before it spreads.
- Disable Printing from USB drives by default: This will stop this type of virus in its tracks.
- Stay Vigilante: Now that you know this can occur you can defend yourself from it.
If you have any security concerns please feel free to contact our team of I.T professionals.