• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
We have new content about printers, Click here to check it out!
Locked

‎11-29-2017 08:43 AM

HP Recommended

Does anyone happen to know if the bulletin with document ID: c05839270 and reference numbers CVE-2017-2750, PSR-2017-0141 (https://support.hp.com/nz-en/document/c05839270) applies to Futuresmart 3 firmware or only Futuresmart 4?   The listed versions look to be mostly futuresmart 4. 

 

I'm not quite sure if the firmware revision listed in the provided table is the firmware that is affected or the version that printers need to be at to be protected.  

 

 

HPSBPI03569 rev 1 - HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers, Execution of arbitrary code

 

Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code.

 

1 ACCEPTED SOLUTION

Accepted Solutions

‎11-29-2017 01:59 PM

HP Recommended

The vulnerability does not appear to be specific to any specific version of futuresmart firmware.

 

According to the details in the article only impacted HP products are listed in the table.  I cross referanced the firmware revision column with the latest available on the HP support site for one of my impacted models.  This suggests that HP wants you to update teh firmware to the latest future smart version too if you havent already.  In the case of the model i was investigating the future smart 3 latest upgrade was still below the firmware revision column in the table.  That suggests that future smart 3 will not resolve the problem on this particular model and future smart 4 is the way to go.

 

> I'm not quite sure if the firmware revision listed in the provided table is the firmware that is affected or the version that printers need to be at to be protected.  

 

Based on what I researched I would say the firmware revision column is listing the firmware version you need to be on or higher to patch the vulnerability.  I'll toss this up to the Experts Circle and see if anyone else disagrees with this suggestion for extra confirmation.

 

 

 

 

Experts are not HP Employees. Experts are advanced users, administrators, technicians, engineers or business partners who volunteer their time to answer community questions.

Please mark anything that is helpful with a Kudo.
When you are done troubleshooting, please mark one of the responses as the Solution.
This feedback enhances the community by helping future readers choose between multiple similar responses.

View solution in original post

3 REPLIES 3

‎11-29-2017 01:59 PM

HP Recommended

The vulnerability does not appear to be specific to any specific version of futuresmart firmware.

 

According to the details in the article only impacted HP products are listed in the table.  I cross referanced the firmware revision column with the latest available on the HP support site for one of my impacted models.  This suggests that HP wants you to update teh firmware to the latest future smart version too if you havent already.  In the case of the model i was investigating the future smart 3 latest upgrade was still below the firmware revision column in the table.  That suggests that future smart 3 will not resolve the problem on this particular model and future smart 4 is the way to go.

 

> I'm not quite sure if the firmware revision listed in the provided table is the firmware that is affected or the version that printers need to be at to be protected.  

 

Based on what I researched I would say the firmware revision column is listing the firmware version you need to be on or higher to patch the vulnerability.  I'll toss this up to the Experts Circle and see if anyone else disagrees with this suggestion for extra confirmation.

 

 

 

 

Experts are not HP Employees. Experts are advanced users, administrators, technicians, engineers or business partners who volunteer their time to answer community questions.

Please mark anything that is helpful with a Kudo.
When you are done troubleshooting, please mark one of the responses as the Solution.
This feedback enhances the community by helping future readers choose between multiple similar responses.

‎11-30-2017 06:09 AM

HP Recommended

I had an HP rep resopond to my querry in the Expert Inner Circle.  The rep confirmed my analysis.

 

To resolve the vulnerability you need to upgrade to the firmware version listed in the firmware revision column or higher.  That may eliminate future smart 3 firmware as an option for some models.

Experts are not HP Employees. Experts are advanced users, administrators, technicians, engineers or business partners who volunteer their time to answer community questions.

Please mark anything that is helpful with a Kudo.
When you are done troubleshooting, please mark one of the responses as the Solution.
This feedback enhances the community by helping future readers choose between multiple similar responses.

‎11-30-2017 08:43 AM

HP Recommended

Thank you John

Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.