HP LaserJet printer could be a gaping hole in your security defences

Dangerous default settings need to be changed

Have you got an HP LaserJet printer tucked away in the corner of the office? If that's the case, then be warned that malware peddlers could be abusing the hard drive on board the device.

This warning comes courtesy of security researcher Chris Vickery (who runs the MacKeeper blog), and he notes that your HP printer has a substantial wedge of storage space built-in which could be accessed and used for nefarious purposes by hackers if left on its default settings.

The storage is there so staff can use it for large print jobs, but the HP LaserJet devices have a default setting which puts up an FTP server on port 9100 – and if you don't protect that port, hackers could easily access it, and in Vickery's words, you are "basically handing an anonymous FTP server to the hacker community".

Take action now

As the researcher notes, a hacker could use the printer to store any kind of dodgy material, or host malicious scripts and so on – and this is likely to remain undiscovered, because it isn't common to check what's on a printer hard drive.

With probing and hacking constantly on the rise these days, you certainly need to check if you need to take action if your office does have an HP printer.

As Vickery advises, if you do have such a printer, you should make sure that port 9100 isn't open, and that your printers should be behind a firewall. If you have been previously unprotected, after taking these preventative measures you might also want to have a look at what's on your printer's drive, just in case.

Update: HP contacted us with a statement to say that in September 2015, it announced three new enterprise class LaserJet printers that deliver increased protection against malicious attacks. These new features include HP Sure Start which enables detection of and self-healing recovery from malicious BIOS attacks, whitelisting to ensure only good firmware updates can be applied, and Run-time Intrusion Detection that provides in-device memory monitoring for malicious attacks.

HP noted: "These new features will be standard on new HP LaserJet Enterprise printers and OfficeJet Enterprise X printers with PageWide Technology going forward. With a firmware update, these three features can also be enabled on several HP LaserJet Enterprise printers launched in April last year.

"In addition, two of the features, whitelisting and Run-time Intrusion Detection, can be added to many existing HP LaserJet Enterprise and OfficeJet Enterprise X printers with Pagewide Technology launched since 2011 through an HP FutureSmart service pack update."

HP added that it will "continue to focus on security for its printing portfolio by delivering market leading security technology for new and existing printers".

Via: Softpedia