As you may know, your office print devices 
are as vulnerable to cyber security threats as a desktop or laptop computer. All it takes is one opening for a hacker to exploit you and gain control of a compromised MFP. The hacker can quietly steal information, or they can penetrate deeper into your network.
On November 30th we were notified of security vulnerabilities within firmware associated with a number of HP Enterprise LaserJet and PageWide printers and MFPs. HP was able to immediately patch the potential vulnerability with a firmware update. SmartPrint advises that you take immediate action to protect your organization against any potential threats.
Here are links to the two security bulletins released:
CVE-2021-39238
https://support.hp.com/us-en/document/ish_5000124-5000148-16/hpsbpi03748
CVE-2021-39237
https://support.hp.com/us-en/document/ish_5000383-5000409-16/hpsbpi03749
The bulletins include a list of devices that are affected by each vulnerability, as well as a summary of what firmware version to use.
When SmartPrint is involved in hardware deployment with our clients we take steps to mitigate security risk by:
- Enabling EWS Password
- Disabling all protocols not in use
- Disabling USB port (printing)
- Recommending printers are deployed within VLANs
HP offers a free fleet management software that can help to streamline firmware updates with a one-to-many approach. It is called HP Web Jetadmin Software.
To download Web Jetadmin click here: https://h30670.www3.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J6052AA&lc=EN_US
Many organizations’ standard security protocols include ensuring that print device firmware is kept at the most recent revision. SmartPrint can help if you need assistance, we offer 2 levels of firmware management services.
- Firmware Advisory Service
- We can rapidly provide a list of your devices that are out of date and the recommended firmware level, by completing a network scan of your print equipment
- We can also recommend software to help you manage firmware on your own
- Full Firmware Management Service
- We can manage and maintain your fleet to the latest, tested firmware levels
- Updates are scheduled and can be managed remotely
- For highly secure environments on-site resources are also available
Firmware management services can be incorporated into a SmartPrint MPS program or can be completed as a separate service or one-time project. If this is something you would like to learn more about please contact us for a brief discussion.