04 August 2006
More security flaws shown at Black Hat conference
It seems that a flaw in xerox printers has been found and demonstrated at the Black Hat conference. The flaw allows an application to be run on the printer which can read the documents being printed.
Xerox has issued a patch for this in February. Only those with a Workcenter or Workcenter Pro 200 printer need to worry and only if you bought it between October '05 and June '06. The issue has been patched. There is a patch that addresses the issue that can be found at http://www.xerox.com/security.
Xerox has issued a patch for this in February. Only those with a Workcenter or Workcenter Pro 200 printer need to worry and only if you bought it between October '05 and June '06. The issue has been patched. There is a patch that addresses the issue that can be found at http://www.xerox.com/security.
Labels: printing
Comments:
<< Home
I just returned on the red eye from the Black Hat conference in Las Vegas where researchers demonstrated security vulnerabilities in a variety of technologies from a variety of vendors. Being from Xerox, I was more interested than anybody to hear what Brendan O’Connor had to say about Xerox multifunction products. He did a great job of pointing out that MFPs, like all network peripherals, carry built-in risks. We’ve been trying to get this message out for a while. We’ll take all the help we can get. In the case of the specific exploit code that Brendan shared as part of the conference proceedings CD, the patch that we have put out there fixes that problem. We’ll keep working it with Brendan, our security experts and others. If there’s more to be done, we’ll do it asap.
# posted by 
: 4/8/06 23:43
: 4/8/06 23:43
Thank you very much for the information. I agree that there are risks with everything especially network devices that basically act as a type of server. Give someone enough time and they will find a way into anything.
Post a Comment
<< Home
