Security News
According to the Quocirca Print Security Landscape 2022 report, printer security is still some way down the worry list of most IT decision makers behind hybrid application platforms, email, public networks, and traditional endpoints. "Printer security is about understanding the threats to the network traffic, to the device itself and to the documents it prints. Every security feature you'll find in secure printers will address one of these categories of risk," he adds before going on to list a range of printer security issues.
Lexmark has released a security firmware update to fix a severe vulnerability that could enable remote code execution on more than 100 printer models. "Lexmark is not aware of any malicious use against Lexmark products of the vulnerability described in this advisory, but proof of concept code has been publicly published" - Lexmark.
Microsoft is now blocking the Windows 11 22H2 update from being offered because of compatibility issues affecting Windows devices with printers using Microsoft IPP Class Driver or Universal Print Class Driver. "Windows needs connectivity to the printer to identify all the features of the printer. Without connectivity, the printer is set up with default settings and in some scenarios might not get updated once connectivity to the printer is restored," Microsoft explained.
Looking ahead to next week, we have a server end-of-life and still more updates that can impact printers. There have been several updates to KB5005408 throughout the year to help administrators identify and manage these non-compliant printers.
HP has published security advisories for three critical-severity vulnerabilities affecting hundreds of its LaserJet Pro, Pagewide Pro, OfficeJet, Enterprise, Large Format, and DeskJet printer models.The first security bulletin warns about about a buffer overflow flaw that could lead to remote code execution on the affected machine.