HP patches printer firmware flaw, but leaves customers guessing

There’s a serious security vulnerability on some HP LaserJet printers.

The good news is that it’s been patched. The bad news is that you don’t know if your HP LaserJet printer needs the fix – because HP hasn’t told you.

Late last year, owners of HP LaserJet printers were warned that their confidential data could be at risk, because of a security vulnerability in the devices.

Researchers at Columbia University demonstrated to reporters that it was possible for remote hackers to install malicious firmware on certain HP printers, without the owner necessarily realising that they were under attack.

Although there was speculation that affected printers could also be fire hazards, that fear appears to have been overhyped – but there were genuine security concerns raised by the vulnerability…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.