HP recently released a firmware update designed to mitigate a security vulnerability in its LaserJet printers that was discovered by Columbia University researchers in late November.
"On the affected models, updates have always been supplied without a digital signature," The H Security reports. "The devices will just accept and install any firmware they are given."
"A crafted print job sent from a Linux or Mac system can also, in some cases even remotely, be able to trigger a firmware update, allowing an attacker to inject code and take control of the printer," the article states.
Go to "Firmware update mitigates HP's LaserJet printer security problems" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.