Hewlett Packard has been sending Support Notification emails to Partners & Customers warning printer owners and IT Managers of security vulnerability on 72 Models of HP LaserJet Printers and MFPs (Multi-Function Printers).
The vulnerability could allow hackers to remotely install unauthorized printer firmware for a variety of malicious purposes establishing a clear threat.
HP does point out that susceptible LaserJet printers may have unofficial firmware remotely installed if “on a Public Internet without a firewall, or for LaserJet devices in a private network, if a malicious effort is made by a party on the private network to modify the firmware of the device”.
Hewlett Packard recommends having the printer’s Remote Firmware Update capability disabled; a number of LaserJet printers will require a further update before this option is available.
LaserJet owners and network managers should check out HP's list of affected printers and security bulletin, and if the process of applying the fix proves too complicated, Contact HP tech support at Hewlett-Packard@urgentsupport.americas.hp.com or Contact QLS Solutions group, Inc.