- Attackers can inject malware into many of the American manufacturer’s printer models – from home printers to printers in open-plan offices.
- According to a statement from HP, more than 200 models are affected.
- In most cases, the gap can be closed by updating the printer driver.
In the List of affected models (open «Affected Products») customers can see what needs to be done. In addition to updating the printer driver, the deactivation of network protocols is also recommended and explained here, but only in English.
HP itself classifies the problem as “critical”. Attackers could remotely trigger a so-called “buffer overflow” on the printers and thus inject malware. This is a problem because the printers are connected to the computer, which also makes it vulnerable.
Another security message
In addition to the problem affecting over 200 HP models, there is another one further message. At least 21 models are affected here. Here the security warning is «high» to «critical». HP writes here that attackers could get hold of information, inject malware or paralyze the printer.
According to HP, all security gaps have already been closed with firmware updates. HP printer owners should install them immediately. For this, on the appropriate support page search for your own printer model. The current driver is then available for download.
Firmware update as a nuisance
The American printer manufacturer HP caused trouble among customers a few weeks ago: The SRF consumer programs “Espresso” and “Kassensturz” reported that HP uses firmware updates to paralyze printers if original cartridges are not used – or too old original cartridges are used.