We reported a while back that a security vulnerability had been discovered in some Hewlett-Packard LaserJet printers that could render them vulnerable to unauthorized access, although HP said there had been no real-world cases of such access occurring. The problem was that the software that enables updates over the Internet doesn’t verify the authenticity of those updates, so an attacker could apply a malicious update. HP was even sued over this issue.
Now the company has release a new firmware version that it says will “mitigate” the issue – although it doesn’t claim to be a full-blown fix. HP recommends that you still take steps such as placing the printers behind firewalls and disabling remote firmware uploads to prevent an attack using this exploit.