CYBER NEWS

Printer Vulnerability Since Windows 95 Put Entire Enterprises at Risk

windows95-printer-vulnerability-stforum

Printer Vulnerability – How Using a Printer Can Attract Threats

Every home office or business uses printers in their daily work – if we are printing out an essay at home, or we are printing out a contract in the office. Usually, our printer is connected to other devices – PCs, laptops, and other electronics, creating a network of sharing and exchanging information constantly. If some malware gains access to one device, it can spread throughout all devices connected to the entire network.

There is a known vulnerability that has existed in the Windows printers for some time (since Windows 95), resolving which has been unsuccessful so far: when connecting to a printer, the user has to install the needed drivers to operate with it; most of the times malicious software gains access to the network through these drivers, which are often freely and randomly downloaded without security checks or at least none that can detect if the downloaded driver is infected.

Related: The Windows User Security Bible

This way an attacker could easily gain access and compromise a printer, which is a device that doesn’t have such high level security protection, and through it to gain access to the entire network and commit cyber-crimes. In some cases the attacker doesn’t even need to infect an actual printer; they can use a network-equipped device that can pretend it is a printer, i.e. a laptop. In other cases, the attacker can just wait for a legitimate driver request to a legitimate network printer, and respond with malware disguised as drivers.

What Is the Solution to the Printer Vulnerability?

Vectra Network, a security firm which investigated this problem alongside Microsoft, explained that the vulnerability comes from the way the users connect to the printers; in big modern organizations often are available different makes and models of printers and users have the option to choose to which printer to connect, which results in installing different drivers to be able to operate with the different devices. In most cases, companies use the Microsoft Web Point-and-Print (MS-WPRN) approach, which allows these users to connect to any printer on the network, without receiving any warning about the installed drivers, to get the procedure as fast and as convenient as possible.

Related: Critical Windows 10 Vulnerability

A recent upgrade has found a kind of solution to the problem – not exactly fixing it, but executing checks and providing warnings to the user when downloading these drivers. The most recent patch cycle of Microsoft will now warn users if they are installing “untrusted” printer drivers, aiming to avoid this installation. This way, users will restrict the access of the attackers to their network. This will also prevent attacks which come not from a specific attacker, but from the Internet – compromised websites or ads can try to connect to the printers in the network, being the most vulnerable devices, and spread malware, if not noticed. These warnings will trigger a new way of dealing with malware threats to the printers, as well as to products like Edge, Internet Explorer and Adobe Flash.

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...