How to reduce the risk of insecure firmware in office gear

A firmware study that found dozens of security problems affecting more than 120 products is a reminder to businesses to segregate and control access to networked office gear, experts say.

Researchers with Eurecom, a technology-focused graduate school in France, conducted the study on more than 30,000 firmware images taken from the websites of Siemens, Xerox, Bosch, Philips, D-Link, Samsung, LG, Belkin and other manufacturers.

The research found that firmware in more than 120 products contained at least some of the 38 vulnerabilities uncovered. The security problems included poorly protected encryption mechanisms and backdoors that could be exploited by hackers. In general, firmware is used in managing interactions between the hardware and the higher-level software used to configure, manage and operate the device. Firmware is used in a variety of office equipment, such as wireless routers, copiers, printers and cameras.