HP red flags against cyberattacks on its printers
Over the last few quarters, there have been unprecedented cyberattacks across various geographies and various multinational companies. Now if a recent security advisory by HP is to be believed there are a myriad of print and digital sending products which could be vulnerable to ‘remote code execution’ and ‘buffer overflow’.
Some of the prominent models in the printer series which were impacted by the flaws are the LaserJet Pro series, Pagewide Pro series, OfficeJet Pro, Enterprise, Large Format, DeskJet and DesignJet. While issuing security advisories for three vulnerabilities in a wide range of its devices, it has also forwarded that these need to be patched immediately.
As the term suggests, Remote Code Execution is a rare kind of cyberattack whereby the perpetrator remotely executes commands on someone else’s computing devices. Likewise, a buffer overflow attack arises when the data’s volume exceeds the storage capacity of the memory buffer.
“Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with the use of Link-Local Multicast Name Resolution or LLMNR,” as per the security bulletins by HP.
The bulletin further read, “In certain HP Enterprise and HP LaserJet Pro printers, the issue may also be mitigated by disabling LLMNR in network settings.”
It also clarified that the third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer’s patch management policy.