HP Printers - Advisory: MS17-010 WannaCry attack

HP and Customer Viewable version 2.2

Security Advisory

HP Enterprise Printing Communication:

WannaCry ransomware

June 2

, 2017 (Revision History)

On Friday May 12, 2017, a ransomware called WannaCry (or WannaCrypt,

WanaCrypt0r 2.0) began infecting systems around the world. The ransomware

targets Windows SMB server using port 445 on Windows OS platforms. This

ransomware has garnered a substantial amount of media attention. See the

references section for links to additional resources describing WannaCry in detail.

At this time, we have completed investigations on the HP printing devices listed

below. The listed HP printing devices are not vulnerable to this particular attack

as they either do not support an SMB server or they are not running a Windows

based operating system:

 HP LaserJet Enterprise printers and multifunction printers

 HP LaserJet printers and multifunction printers

 HP LaserJet Pro printers and multifunction printers

 HP PageWide Enterprise printers and multifunction printers

 HP PageWide Pro printers and multifunction printers

 HP Digital Senders and Document Capture Workstations

 HP OfficeJet Enterprise series printers and multifunction printers

 HP OfficeJet Pro printers and multifunction printers

 HP Envy series printers and multifunction printers

 HP Photosmart series printers and multifunction printers

HP Inc.

1501 Page Mill Road

Palo Alto, CA 94304

Hp.com

PAGE 1
HP Inc. 1501 Page Mill Road Palo Alto, CA 94304 Hp.com Security Advisory HP Enterprise Printing Communication: WannaCry ransomware June 2nd , 2017 (Revision History) On Friday May 12, 2017, a ransomware called WannaCry (or WannaCrypt, WanaCrypt0r 2.0) began infecting systems around the world. The ransomware targets Windows SMB server using port 445 on Windows OS platforms. This ransomware has garnered a substantial amount of media attention.
PAGE 2
 HP DeskJet series printers and multifunction printers HP Software Solutions HP Software Solutions rely on their host OS and are not directly involved. The attack occurs at the OS level and therefore patches or remediation recommendations should be followed from Microsoft®, the OS provider. The Microsoft® bulletin 2 states, “The security update addresses the vulnerabilities by correcting how SMBv1 handles specially crafted requests”.
PAGE 3
5. Follow the onscreen prompts to sign up for alerts. References 1. https://www.cnet.com/news/wannacry-wannacrypt-uiwix-ransomwareeverything-you-need-to-know/ 2. "Microsoft Security Bulletin MS17-010 – Critical" Revision History Revision 1.0 2.0 Date 16 - May - 2017 19 – May - 2017 Reason 2.1 25 – May - 2017 Updated language regarding SMB servers 2.