Hewlett-Packard acknowledged this week that software used to control two of its color printers could be exploited by attackers to remotely steal files from Windows PCs.
The bug, which Danish vulnerability tracker Secunia dubbed "less critical," affects the Toolbox software included with the Color LaserJet 2500 and Color LaserJet 4600. In its default configuration, the Toolbox -- which lets users remotely monitor the status of a connected printer -- could allow an attacker to hack into jacked-in computers, then read any file on the hard disk.
HP'sadvisory links to an update to the Toolbox that patches the bug.
"A vulnerability like this opens the door for hackers to spy on your sensitive information," said Graham Cluley, a senior technology consultant at U.K. security company Sophos. "Users running the affected software should upgrade as soon as possible."
Read the entire article here,
http://www.crime-research.org/news/07.04.2006/1928/
|