Tuesday, 01 December 2015 17:24

Printers could have malware – except the new HP! (review)

Printers could have malware – except the new HP! (review) http://blog.securitymetrics.com/2015/09/printer-security.html

Ever since Symantec discovered Trojan.Milicenso back in 2010 the potential for printers being infected with malware has been on the rise - many use an Android or Linux operating system and are connected to a network.

Trojan.Milicenso was actually Windows malware that caused network attached printers to spew out unintelligible garbage until the printer ran out of paper.

Krebs on Security wrote wrote about a security hole from 2010 to October 2014 could allow forged digital certificate to update firmware of many of HP’s printers.

OPSWAT last year wrote that there was a multitude of MFP exploits delivered by infected SlideShare and PDF, a HP vulnerability could set some models on fire, and security firms should develop scanners for malicious print jobs.

In fact, as an Internet of Things (Iot) device most printers are capable of sending alerts and emails to system administrators. MFP printers with fax lines could call premium number. Infected printers could become part of a botnet and send DDoS (distributed denial of service), spam emails and anything that was printed or scanned to a command and control centre server (C&C).

It, like the headline, was a bit of a beat up but Hollywood cottoned on to the concept and several recent movies and TV series (CSI Cyber) have malware infected printers spying, blowing up and catching fire.

Be concerned no longer. HP as the largest printer manufacturer in the word has ensured that all new business printers will all benefit from the latest security and print technology.

I reviewed HP’s Laser Jet Pro MFP M477 and its big brother the LaserJet Enterprise MFP M577.


There are two MFP (multi-function – print, copy, scan, fax and email) M477 models – the M477fnw (CF377A) at A$849, and the M477fdw (CF379A) at $899. A comparison of features is here. The basic difference is in the last three characters – f=fax, d=duplex print, and n=network – Ethernet and Wi-Fi/Wi-Di supporting HP ePrint, Apple AirPrint, Wireless Direct Printing, Mopria-certified, Google Cloud Print 2.0, and Mobile Apps.

These are 27ppm colour lasers, USB 2.0 or Ethernet/Wi-Fi, 4.3” touch-screen, with a Duty Cycle of 50,000 pages per month – although its best to keep these to around 5,000. I will not repeat all the specifications – click on the link above.

Build quality was excellent – at 21.8kg these are not all plastic; the paper path as straight as it could be with a rear flap to clear any miss-feeds. I was impressed at the quick 9 second time for first print – as most print jobs are only a few pages this speeds up the job.

These use the new HP 410 cartridges. The X version gives 6500 pages black and 5000 pages’ colour. Naturally it comes with the A version that gives 2300 pages.

Great for small business and the price a bargain for the features.


There are three MFP M577 models – the M577dn (B5L46A) at $4337, the M577f (B5L47A) at $5078, and the M577z (B5La8A) at $5220. A comparison of models is here. Again the basic difference is in the letters – z=pull out keyboard, f=fax, d=duplex, and n=network. But all are network, the F and Z have fax etc.

These are 38ppm colour lasers, USB 2.0 or Ethernet/Wi-Fi, 8” touch screen (z has a pull out keyboard as well), 320GB hard disk, with a duty cycle of 80,000 pages – although its best to keep to 7,500.

Build quality was excellent – at 38+kg these are not all plastic; the paper path as straight as it could be with a side flap to clear any miss-feeds. I was impressed at the quick 9 second time for first print – as most print jobs are only a few pages this speeds up the job.

These use the new HP 508 cartridges. The X version gives 12500 pages black and 9500 pages’ colour. Naturally it comes with the A version that gives 6000/5000 pages.

Great for reasonably large work-groups.


The major different between the 477 and 577 is that the former is a LaserJet Pro and the latter is a LaserJet Enterprise. Both have JetIntelligence. Both have 1 year limited warranty – next day on-site. Warranty extensions are available. The Enterprise has auto-duplex scan and print, security features., larger input and optional trays.

Jet Intelligence

Perhaps the most special things about both is the new JetIntelligence and ColorSphere 3 toner.

Basically it revolves around a toner that has a wax centre, a pigment over that and a clear coating to make perfectly round toner balls that are up to 40% smaller. This premium toner is combined with hardware that makes it up to 40% faster to print, delivers up to 33% more prints, has blacker blacks, better colours and uses up to 53% less energy. The key here is that the toner has a lower fusing temperature and the HP smarts (called Print gauge) look at each page and calculate how much toner to use. As it runs cooler it can wake up and print faster.

The printer recognises JetIntelligence cartridges but if a ‘refilled/remanufactured’ cartridge is used the JetIntelligence advantage is lost.


The 577 has HP Sure Start – a ‘gold’, unalterable copy of the bios is loaded if the bios is compromised.

It has Whitelisting top ensure that firmware updates are authentic – digitally signed only by HP

It has Run-time intrusion detection that constantly monitors and detects intrusion. If found it reboots.


Both the 477 and 577 have optional JetAdvantage Private Print - a cloud-based, On Demand platform that can securely print sensitive documents to shared printers. It can:

  • User required to authenticate at device before print job releases.
  • Keeps costs in check by helping to reduce print waste.
  • Improve productivity - retrieve and print where business demands.
  • Easily add users by importing from Active Directory.


After some time at HP’s enterprise print showroom I was satisfied at the robust build, quality and security (on the 577) as well as having poked every nook and cranny and opened every flap. These new generation printers along with JetIntelligence are pretty compelling workplace printers.

I only had time to look at these two models. There are others – 44 - in the 5XX, 6XX, 7XX and 8XX range that as new models come out will use this new technology.



Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.




Denodo, the leader in data virtualisation, has announced a debate-style three-part Experts Roundtable Series, with the first event to be hosted in the APAC region.

The round table will feature high-level executives and thought leaders from some of the region’s most influential organisations.

They will debate the latest trends in cloud adoption and technologies altering the data management industry.

The debate will centre on the recently-published Denodo 2020 Global Cloud Survey.

To discover more and register for the event, please click the button below.


Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!


Webinars & Events