You are here: silicon.com > Software > Malware

Malware

HP printer software warning

Flaw could be a route into Windows-based computers

Tags: printers, printer

By Joris Evers

Published: 6 April 2006 08:05 GMT

A security flaw in software that ships with two Hewlett-Packard Color LaserJet printers could open a door for cybersnoops, HP has warned.

The vulnerability lies in the Toolbox software that comes with HP's Color LaserJet 2500 and 4600 printers, the company said. The flaw could allow a remote, unauthorised malicious user to retrieve arbitrary files from a Windows computer when the software is running in the default configuration, HP said in a security alert published on Sunday.

The Toolbox is software that installs on a PC along with the drivers. It uses a simple web browser interface for access to printer status information, troubleshooting tips and demos, and an alerts feature.

HP has made HP Color LaserJet 2500/4600 Software Update version 3.1 available to resolve the security issue, it said. Security monitoring company Secunia rates the issue "less critical". The flaw is caused by an input validation error in the web server that's part of the software, according to a Secunia alert, published on Wednesday.

Discovery of the flaw is credited by HP and Secunia to Richard Horsman of Sec-1.com.

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead

Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy


  • Jobs
Field Service Engineer, Devon: IBM p series, RS/6000

In addition to hardware fixes and solid printer break fix experience you will get involved in multiple PC and server installations, so exposure to ...

BSF - Service Desk Analyst - Leeds

A good understanding of computers as well as associated equipment such as printers and scanners would be advantageous. Refer incidents to appropriate ...

Linux Systems Administrator

Purchasing, building and supporting PCs, laptops, printers etc. Working with the development team to quickly diagnose and resolve issues as they ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: