This ancient printer security bug affects millions of devices worldwide

Researchers claim it isn’t too difficult to exploit

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurityresearchers have helped patch a privilege escalation vulnerability in the printer driver forHP,Samsung, and Xeroxprintersthat managed to evade detection for 16 years.

SentinelOne, which unearthed the high severity vulnerability, believes it has been present since 2005, and likely affects millions of devices and likely millions of users worldwide.

According to the company’s researchers, the vulnerable driver ships with over 380 differentHPand Samsung printer models as well as at least a dozen different Xerox products.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.

Click here to start the survey in a new window«

“Successfully exploiting a driver vulnerability might allow attackers to potentially install programs, view, change, encrypt or delete data, or create new accounts with full user rights,“explainedAsaf Amir, VP of Research at SentinelOne.

Ghosts of devices past

The security flaw, tracked as CVE-2021-3438, is explained as a buffer overflow vulnerability that could be exploited in a local user privilege escalation attack.

Moreover since the bug exists in the printer driver, which gets loaded automatically by Windows, the vulnerability can be exploited even when the printer isn’t connected to the targeted device.

The only saving grace is that to exploit the bug, the attackers need local user access to the system with the buggy driver.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“While we haven’t seen any indicators that this vulnerability has been exploited in the wild up till now, with hundreds of millions of enterprises and users currently vulnerable, it is inevitable that attackers will seek out those that do not take the appropriate action,” concludes Amir urging users of the affected devices to patch their drivers immediately.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

This new malware utilizes a rare programming language to evade traditional detection methods

Google puts Nvidia on high alert as it showcases Trillium, its rival AI chip, while promising to bring H200 Tensor Core GPUs within days

I’ve been covering Apple Watch deals for years – This is the one model most people should buy on Black Friday