What is printer firmware, when it needs to be updated and when it is better not to.
It’s not just software developers who release updates for their programs. Hardware device manufacturers also frequently release software updates, at least until the device is declared unsupported (EoL, End-of-Life).
These update packages are called firmware updates. With the term firmware in fact, it refers to the software incorporated into an electronic device, such as a printer, a router, a smartphone or a television. For desktop and notebook PCs, we most commonly talk about updating the BIOS, even in its more modern variant called UEFI.
The firmware resides on one memory of type non volatile which is integrated into the device itself and is used to control the hardware functions of the device and manage its operation.
What is printer firmware
Il printer firmware control the flow of data between the computer and the printer itself, regulate paper feed, print head movement, ink temperature and much more.
The firmware may occasionally be updated by the manufacturer for fix bugs, improve security and introduce new features. The update procedure can be automatic but in most cases it must be expressly confirmed and authorized by the user. Indeed, we suggest checking the printer settings that the firmware installation does not take place automatically.
Updating the firmware of a printer can be performed through a specific procedure described by the device manufacturer: in some cases the printer performs the download new firmware then it asks for confirmation for installation (it is necessary to act on the screen on the body of the printer).
In other cases the update can be requested by theadministration web interface of the printer: for the network printers application of updated firmware can be requested via the panel which responds to the private IP address of the printer.
Again, the installation of updated firmware can be done through the interface of the printer drivers or through dedicated software.
To update or not to update printer firmware?
Updating the printer firmware can help improve featuresfix bugs and misbehavior, compatibility and security issues.
Let’s focus on the appearance of the safety: Printers are everywhere. They are in businesses large and small, in our homes, in schools.
Can they pose a threat to the security, integrity, confidentiality and availability of data?
In the pages of how2do.org we have often talked about vulnerability affecting printers from various manufacturers. In many cases there are risks of Remote Code Execution (RCE)This means that an attacker, exploiting one or more security holes inherent in the printer’s firmware, can execute arbitrary code.
The printer firmware may contain security vulnerabilities
There is a document entitled Exploiting Network Printers drawn up some time ago by Jens Müller which is still very current and which offers very precise indications on how to exploitation of vulnerabilities found in modern printers.
One printer exposes in different local area networks communication ports: it is easy to notice by carrying out a scan with Nmap (command nmap -A printer-IP-address) or with the Android app called Fing: in this case just touch the name of the printer connected to the local network and then the icon Find open ports.
The manufacturer of the printer, as stated in the security bulletins that are published, often finds itself in the position of having to resolve vulnerabilities inherent in the server components used by the device. Without one patch corrective action, an attacker may find himself in the position of execute arbitrary code on the printer with the possibility not only of monitoring and transferring the jobs sent for printing to remote servers but also of using the printer to start a attack towards the other devices connected in the local network.
The fixing vulnerabilities gradually identified in the various printer models arrives through the distribution of an updated firmware.
However, there is also the reverse of the medal: as we have observed previously, the firmware not only solves safety and compatibility problems but is also used by manufacturers to modify the printer behavior.
Firmware as a tool to prevent or hinder the use of non-genuine cartridges
In recent years, printer manufacturers have increasingly used firmware updates to block printers that use non-genuine cartridges.
The Europen Antitrust has specified that the procedure is not illegitimate in itself but becomes illegitimate if the manufacturer does not promptly and correctly inform the consumer, before purchasing the printer, about the need to use original cartridges.
After sanctioning HP, AGCM (Competition and Market Guarantor Authority) instructed Epson and Lexmark to inform users of printers that do not accept non-genuine compatible cartridges.
So let’s go back to the starting question: should the firmware be updated or not?
When to update the firmware
Before updating the firmware you should always read carefully the changelog of the release notes of the new firmware version released by the manufacturer.
If the firmware fixes security issues and known bugs, it should generally be downloaded and installed.
If however they were used non-original cartridges it is advisable to exercise a little more caution: it is advisable to combine the information deriving from a few simple searches on the net and those provided by the manufacturer at the time of purchase in order to verify that the printer is not blocked with the installation of the new firmware.
A printer is usually located behind the firewall and NAT functionality1 (use) of the router: this means that usually the ports exposed by the firmware of the printer are not publicly reachable on the public IP address.
The important thing is to check the open ports on the router and public IP, avoiding that some of them are directly reachable from remote IP addresses (unless there is a real pressing need).
If the communication ports of the printer are not reachable via the Internet, what is the need to install a firmware update containing fixes for any safety issues?
This is definitely a good question. As mentioned, firewall and NAT on the router protect individual devices connected to the local network, including printers, from attacks from outside. However, code running within the LAN could open printer ports on the public IP address on which a vulnerable software component is listening, for example via UPnP (Universal Plug and Play), or directly exploit the security flaw by using a exploit chain.
In the case of a router as a rule, the firmware update released by the manufacturer should be promptly installed, precisely because we are dealing with a device that acts as an interface between the local network and the Internet, with all that this entails in terms of security.
If you decide not to install a firmware update for your printer that (also) fixes security issues, you should weigh your choice against the pros and cons.
In a controlled network environment, where the chances of malicious code being executed are minimal, it may make sense to avoid installing updated printer firmware, especially if it could negatively impact device operation such as the use of non-original cartridges.
Is it possible to downgrade the firmware of the printer?
In general, if you have any problems, you can run the downgrade del firmware of the printer or go back to the previous version of the software that governs the operation of the device.
This is particularly feasible if the printer manufacturer provides an older version of the firmware and if the printer itself supports downgrading.
Of course, downgrading the firmware may result in the loss of some important features or bug fixes that are present in the newer versions.
Also, some manufacturers may limit your ability to downgrade firmware or may even prevent you from doing so.
Before starting a firmware update, it is therefore always good to check the manufacturer’s website to see if the downgrade practice is supported.
—–
1 NAT (Network Address Translation) is a networking feature that allows devices within a local area network to access the Internet using a single public IP address. NAT hides the internal IP addresses of the local network that cannot be directly discovered by remote devices.
While NAT can help improve network security, it cannot strictly speaking be considered a complete security feature. NAT offers no protection against cyber attacks such as viruses, malware, DDoS attacks, phishing attacks and other cyber threats. Also, NAT offers no protection for data that is transmitted over the local network or the Internet.