In the past, as experts in repairing HP printers, we would answer the question of whether or not to update printer firmware as pretty much a hard “NO.” The only reason we would recommend updating firmware was if the printer was not functioning the way you needed it to and you found out that the firmware update addressed that issue. Updating printer firmware, like many things in the IT world, can be like opening a can of worms: you can unintentionally cause an issue that wasn’t happening already. (I’m sure all of you have, at one time or the other, experienced the pain caused by a Windows update!).
However, as you know, the IT world has changed, and due to the constant cyber security threats out there, what we recommend has evolved. In addition to considering updating printer firmware when it can resolve a known issue with a printer, we recommend that you also update this firmware whenever it addresses a known security vulnerability.
For example, here are some security vulnerabilities addressed by firmware updates that you may find lurking in your HP printer fleet:
|SECURITY BULLETIN: HPSPI02727 SSRT100692 rev.7|
|CVSS BASE SCORE: 10|
|POTENTIAL SECURITY IMPACT: The vulnerability could be exploited remotely to install unauthorized printer firmware.|
|SECURITY BULLETIN: HPSBPI03596 rev. 2|
|CVSS BASE SCORE: 8.1|
|POTENTIAL SECURITY IMPACT: Solution application signature checking may allow potential execution of arbitrary code.|
|SECURITY BULLETIN: HPSBPI02869 SSRT100936 rev.4|
|CVSS BASE SCORE: 7.8|
|POTENTIAL SECURITY IMPACT: The vulnerability could be exploited remotely to gain unauthorized access to files.|
When performing a printer firmware update, it is extremely important to be mindful that no one sends print jobs to the printer or turns off the printer during the update process. If this is done, the printer formatter can be damaged—and it is an expensive part to replace. Due to these reasons, we often update the firmware via the printer’s USB port.
Organizations such as ourselves that are HP Authorized Service Providers and HP Managed Print Specialists that offer Secure Print Solutions, have access to a tool that makes HP printer firmware analysis easy. You can identify the firmware currently installed on your printers via software such as HP Web Jetadmin or FMAudit, and then we can feed that data through the firmware analysis tool which highlights whether or not there is newer firmware available that addresses any security vulnerabilities as well as what the CVSS score of the vulnerabilities are.
This report will give you a road map as to what your staff needs to address and what is most important to address first. If your organization is headquartered in the New York Metropolitan area and your staff does not have the time to research & perform the necessary firmware updates, click below to schedule a conversation with one of our HP printer solutions experts to see how we can help!