Researchers found that the HP LaserJet printers is a security flaw that allows a takeover, downtime and providing information to hackers
Can be burned with the provision of an order. HP Laser Printer
HP printers security failure can be harmful to millions of users and make hackers take over Mdfsotihm, dilute them and draw them information - MSNBC network reported. Two Columbia University researchers found that the laser jet printers of HP which do not have the server authentication process with whom they communicate, to download a software update. Absence of this process can lead to the introduction of malicious software to the printer, to take with her the possibility of contagion remote control.
"Any time a printer receives a print job is to check if the task includes a software update. But the printer does not differentiate between sources sending of tasks including updating, and use digital signatures. So, anyone can set the printer to delete the software that runs the existing and install in place operating software infected "Wang explained Koi and Salvador Stolfo, a pair of researchers from Columbia. Such action would take half a minute, and will not be possible to identify the virus after it was installed - without removing the chip from the printer and test it in the lab. In addition, there are now printers that are connected directly to the Internet, and this may enable the virus with which the connection, even without practical action from the user. "It's like selling a car without a lock, it's totally secure," said Stolfo.
They demonstrated how such a move after paste printed from the printer file the hacker's computer. Long as they demonstrated how the printer sends an infected computer tasks that made it warm until smoke came from her and she stopped working. In addition, it turns out that the infected printer can serve as a platform to attack computers on the network is connected. According to the researchers may have tens of millions of printers around the world are open to the loophole, no simple solution and there is no way they thought if security holes have been exploited.
HP said in response to MSNBC that she looks at the issue and now believes that even if there is such a security flaw - the ability to abuse it is small.
