HP adds protection against firmware attacks to enterprise printers
Researchers have been demonstrating attacks against printers for years. Now, Hewlett-Packard has started building defenses directly into its printers’ firmware instead of just patching individual vulnerabilities.
The company’s new M506, M527 and M577 series of LaserJet Enterprise printers, set to go on sale in October and November, will have built-in detection for unauthorized BIOS and firmware modifications.
HP refers to this capability as “self-healing security,” but it’s actually a set of code integrity checking mechanisms that security researchers have asked embedded systems manufacturers to implement for years.
One of the new features, called HP Sure Start, validates the integrity of the BIOS code at boot time and if any modification is detected, it reboots the device and loads a clean copy. This is based on a similar feature that HP’s Elite line of PCs have had since 2013.