Skip to main content

Bug allows HP printers to be remotely hacked, set on fire

posted onDecember 1, 2011
by l33tdawg

Researchers at Columbia University in New York have discovered a vulnerability in Hewlett-Packard LaserJet printers that could allow attackers to steal sensitive documents, gain control of corporate networks, or even set the affected device on fire.

This can be accomplished because some HP LaserJet printers do not validate the origin of remote firmware updates before applying them, Salvatore Stolfo, a professor of computer science at Columbia who directed the research, told SCMagazineUS.com on Tuesday. That means anyone can reprogram the devices with malicious firmware.

Everytime an HP LaserJet printer accepts a print job, it checks to see if a firmware upgrade has been included, Stolfo said. The printer does not, however, look for a digital signature to verify that the firmware actually came from HP. The researchers, funded by government and industry grants, have been investigating the vulnerability for several months, and disclosed the issue to HP last week.

Source

Tags

HP Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th