Australia's Leading Computer Emergency Response Team

Printers, the backdoor to your network
Date: 02 December 2011
Original URL:

Greetings to you,

Time passes for us all, a second per second, except for those under the influence of time dilation. This week is no exception as we find ourselves now in the last month of 2011.

And with the passing of time, new Vulnerabilities are discovered as well as new Exploits. Sometimes new Exploits for old Vulnerabilities.

Much discussion was had this week of people having their way with vulnerabilities in HP Printers & HP Digital Senders. This was due to remote Firmware Update Enabled by default on many LaserJets, Color LaserJets & some Digital Senders. HP provided guidance on disabling the Printer Firmware Update option.

Related to printing, Debian patched cups closing some interesting holes in the form of CVE-2011-3170 and CVE-2011-2896.

Given that most Enterprise printers are essentially networked PC's with printing mechanisms included, prudent System Administrators apply defence in depth to them too, including patching, hardening configurations and preventing access from the outside world.

Best wishes for the coming weekend, now back to contemplating the lifetime of a muon.