HP Warns Delayed Firmware Updates Leave Printers Vulnerable

HP Warns Delayed Firmware Updates Leave Printers Vulnerable

HP Wolf Security has released a new report titled Securing the Print Estate: A Proactive Lifecycle Approach to Cyber Resilience, warning of significant security vulnerabilities in printer hardware and firmware across every stage of their lifecycle. The study, based on a global survey of over 800 IT and security decision-makers, highlights that platform security for printers remains widely overlooked, posing a substantial threat to organizational cybersecurity.

Supplier Selection and Onboarding Stage

The report reveals that during supplier selection and onboarding, many organizations lack essential security oversight. Only 38% of IT and security leaders said procurement, IT, and security teams collaborate to define printer security standards, while 60% warned that this lack of collaboration places their organizations at risk. Furthermore, 42% fail to involve IT or security in vendor presentations, 54% do not request technical documentation to validate security claims, and 55% do not submit vendor responses for security review. Alarmingly, once printers arrive, more than half (51%) cannot confirm whether devices have been tampered with in the factory or during transit.

Ongoing Management Stage

In the ongoing management stage, the report found only 36% of IT and security leaders apply firmware updates promptly, despite IT teams spending an average of 3.5 hours per printer each month managing hardware and firmware security issues. HP warns that this delay unnecessarily exposes organizations to threats such as data exfiltration or device hijacking by cybercriminals.

Remediation Stage

During remediation, organizations are also falling behind in detecting and addressing vulnerabilities. Only 35% of IT decision-makers can identify printers exposed to newly published hardware or firmware vulnerabilities, and even fewer – 34% – can track unauthorized hardware changes by users or support staff. Additionally, just 32% can detect security events linked to hardware-level attacks. Beyond cyber threats, 70% of leaders express concern about offline risks, such as employees printing and mishandling sensitive information.

Decommissioning and Second Life Stage

Finally, in the decommissioning and second life stage, 86% of IT and security leaders cite data security as a barrier to printer reuse, resale, or recycling, with an average of 80 printers per organization redundant or in the process of being decommissioned. Confidence in sanitization solutions remains low; 35% are uncertain whether printers can be fully and safely wiped, while 25% believe physical destruction of storage drives is necessary, and 10% insist on destroying both the device and its drives to ensure data security.

Editor’s Remarks

While HP underscores the risks of failing to apply firmware updates promptly, it overlooks a key reason behind users’ reluctance. Many users are not unaware of the importance of firmware updates; instead, they make a compromising choice. Despite security enhancements and added functionalities claimed by OEMs, firmware updates often render non-OEM consumables unusable and, in worse cases, disable the device entirely. This has been at the core of ongoing disputes between users and printer manufacturers for years.

Security threats are indeed real concerns, but for many printer owners, the more immediate threat is the potential permanent disablement of their devices simply for using third-party supplies. As such, users are forced to choose the lesser evil: to skip these updates. Unless HP announces a solution that is more friendly to aftermarket products, the situation in which the majority of users choose not to update their printers may remain unchanged.

Related:

• HP Printing Revenue Dropped Amid Overall Q2 Growth
• HP Unveils First Water-Based Latex Printer in Australia
• HP Exhibits AI-Driven Indigo Range for Industrial Printing
• HP Reaffirms Commitment to Chinese Market
• HP Adds 9 New LaserJet A4 Laser Printers

Comment:

Please leave your comment below about the news: HP Warns Delayed Firmware Updates Leave Printers Vulnerable.