I know we’re sick of security warnings, myself included. But have you ever thought of your printer as a security threat? A recent article by Tenable, a network security firm, referenced some unexpected issues with a line of Hewlett-Packard (HP) printers, including the default settings. Regardless of your brand, I would be inclined to check your printer settings. The reason is that automatic updates for your printer may not be enabled. In the case of HP, there are significant security issues that should be patched. We need to start thinking of printers like computers.
After reading the Tenable article, I decided to go to the HP Advisory. It seems this particular vulnerability was disclosed and patched by HP. However, I found the advisory confusing, and the support link didn’t work.
When I clicked their link, I would get this 404 error page. I tried to click the link in several different browsers and also tried incognito sessions. And yes, I have reported the broken link.
If I manually enter www.hp.com/support, I am redirected to a working page for my country.
About Those Firmware Updates
The security researchers at Tenable decided to dig deeper. In doing so, they discovered that the suggested steps wouldn’t work in all cases. The default setting for some printers is not to check for firmware updates, as the picture below shows. (Note: This photo is originally from Tenable, and I applied the markup.)
The bottom line is to remember your printer is also software controlled and probably has updates. But, you’ll never get them if your updates are turned off.