HP Printer Flaw Vulnerable to Remote Attacks

HP issued a critical security update for certain LaserJet Pro printers. It was applied to a serious flaw which could give remote attackers access to sensitive data.

Christoph von Wittich, a security expert in Germany, was credited with detecting the flaw. Wittich said he detected the flaw during a routine network scan of his company’s corporate network last week. He expressed that this flaw could also be used for a denial-of-service attack. However, he also said that as long as the printer is not connected to the Internet, this flaw should not cause much trouble for the end user. On Monday, the United States Computer Emergency Readiness Team (US-CERT) issued an advisory about the HP flaw. US-CERT warned that this flaw can gain anyone unauthorized access to data.

In recent years, security experts have warned about the increased risk of an attack on Internet-enabled devices, including printers, scanners and fax machines. HP LaserJet printers contained a serious flaw before. And some experts said the flaw could be used by remote attackers. HP dismissed those claims, but issued a security update dealing with the printer flaw.