Hewlett Packard has issued an urgent patch upgradation for all Laserjet owners, owing security concerns. The company states that the loophole discovered can lead to hackers remotely “read arbitrary system configuration files and cached documents” stored on the printer through its web administration console.

They say thirteen is a bad number and that’s the number of printers that are impacted by the latest discovery. The printers range from HP LaserJet 2410 up to HP LaserJet 9050 including the multi-function models. The entire list of affected printers are published in the advisory on HP website.

Digital Defense is a third party company that discovered this bug earlier late last year. They say that a bug on the web configuration tool allows hackers to access printer configuration files and more importantly, cached files that are stored in the printer memory.

“Printers tend to be low on the priority list of systems or devices to be patched, this one will likely linger for years to come,” says Adrien de Beaupre, an analyst with the SANS Institute’s Internet Storm Center.

“The impact might not seem severe, as in the attacker can view the printer configuration, however viewing cached versions of printed documents can be. Other than patching, disallowing access to the web admin interface is likely the only other mitigation.”

A workaround to the problem other than the critical patch would be to disable the online control interface, which is probably a better fix, as the possibility of discovery of more loopholes is not improbable.