You see this notification pop up:
"Security issues found in several HP Printers.
Please make sure your HP Printer is using the latest firmware. "
Why did this happen?
Trend Micro alerted you of a recently disclosed HP multi-function printer (MFP) vulnerabilities that permit attackers access to your network.
What is the issue?
Two security flaws were found in the affected printers’ communications board and font parser:
- The first vulnerability requires physical access to expose the ports on the communications board by removing a single screw. An attacker might impersonate maintenance personnel to visit the printer and compromise it.
- The second vulnerability can be done remotely from a malicious website. Users are tricked into visiting a malicious website that the attacker can use to send remote printing instructions that may include malicious documents, introducing malware into the printer.
What are its risks?
- A compromised printer can be used by attackers to gain access to your network.
- They can also monitor documents that are sent for printing and snoop into attached USB (Universal Serial Bus) devices, if printing from USB devices is enabled.
- Attackers can easily send malicious files to other devices on your network using the compromised printer.
What should I do next?
- HP has provided a solution for potentially affected products. Check if your device is included on the list of affected products and the firmware version that resolves the vulnerabilities.
- Install the latest firmware update immediately if you do not have it yet. Show me how.
- Make sure that your network is protected:
- Set up your printer to automatically check and install available firmware updates.
- Set up Trend Micro Home Network Security to actively protect your home network. Guide me.