I'm not too worried
Since my new HP Envy won't even let authorized users print to it remotely, I rather doubt anyone can execute anything malicious on it.
Sysadmins have been advised to watch for a coming HP printer firmware update that will plug a remote code execution vulnerability (among others) in its MFP-586 and the M553 printers. News of the threat emerged from a Foxglove Security deep-dive into printer security that saw the researchers warn HP of problems in August. The …
The only secure printer is one that connects via an oldstyle LPT (Centronics) cable... or nothing at all (glorious typewriter). :)
Wonder what vuls exists on other printers (Kyocera, Fujitsuu, Minolta etc).
I dislike it immensely giving a printer Internet access - what does it need from the 'net anyway?
And talking of which, how secure is this HP internet printing doohicky?
Biting the hand that feeds IT © 1998–2020