HP strikes back against printer hack claims

  • Hewlett Packard (HP) has issued an official statement in response to a controversial MSNBC report alleging a potential security vulnerability with certain LaserJet printers.

    Columbia University professor Salvatore Stolfo told the site that HP printers could theoretically be used as fire starters - if hackers managed to disable various safety protocols by altering default firmware. 

But Hewlett Packard dismissed the claims as baseless.  


    "Speculation regarding potential for devices to catch fire due to a firmware change is false. No customer has reported unauthorized access," HP confirmed. 

    "[Our] LaserJet printers have a hardware element called a 'thermal breaker' that is designed to prevent the fuser from overheating or causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability."

    Although HP did acknowledge the existence of a potential security vulnerability identified by Stolfo, the company emphasized that certain printers could only be compromised if placed on the Internet without a firewall.

    "In a private network, some printers may be vulnerable if a malicious effort is made to modify the firmware of the device by a trusted party on the network... [And] in some Linux or Mac environments, it may be possible for a specially formatted corrupt print job to trigger a firmware upgrade," HP added.



    The company also noted that it was coding a firmware upgrade to "mitigate" the issue and recommended users follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed devices.

Related Stories

The Advantages and Drawbacks of Purchasing a Vintage Car

Five Reasons Self-Driving Cars Are Nothing to Worry About

How to properly uninstall WordPress plugins manually