HP to Release Patch This Week for Printer Security Bugs

HP said it would release firmware patches later this week for several security bugs reported to the company by various cyber-security experts.

The firmware patches address a slew of bugs, among which the most severe is a remote code execution (RCE) flaw discovered and reported by Stephen Breen of NTT Security.

The RCE bug (CVE-2017-2750) affects HP’s top-of-the-line enterprise printer series such as LaserJet and PageWide, but also some OfficeJet and ScanJet models. A full list of affected products is available in the HP security advisory.

Stop bragging HP!

Security experts from FoxGlove Security discovered the same flaw earlier this month, along with many others. The FoxGlove team says they decided to take a jab at poking holes in HP printer defenses after the company had gone somewhat overboard with its marketing campaign advertising its printers as nigh unhackable.

For more, click here.