Xerox Security Bulletin XRX12-007

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Xerox Security Bulletin XRX12-007"

Transcription

1 Disable sftware upgrades by default Backgrund The Xerx prducts listed belw were shipped with sftware upgrades enabled by default. The firmware released belw changes the default state f sftware upgrade t disabled. After installing this firmware, sftware upgrade will be disabled. It can be reenabled at the lcal UI when necessary. Firmware slutins fr the prducts listed belw have been prvided 1. These slutins are designed t be installed by the custmer. The firmware slutins can be accessed via the links belw r via the links fllwing this bulletin annuncement n /security: Phaser 6125: Phaser 6128MFP: Phaser 6130: Phaser 6140: Phaser 6180: Phaser 6180MFP: Phaser 6280: NOTE: If sftware upgrade had previusly been disabled, sftware upgrade must be ENABLED n the device at the Lcal User Interface befre this firmware versin can be laded. These firmware slutins are classified as Mderate updates. Please fllw the instructins starting n page 2 fr each affected prduct t install these firmware slutins. Applicability This bulletin applies t netwrk-cnnected versins 2 nly f the fllwing prducts: Phaser MFP MFP NOTE: Fr best security leave this cntrl set t disabled after upgrading yur sftware. The cntrl must be set t enabled prir t ding a sftware upgrade. 2 If the prduct is nt cnnected t the netwrk, it is nt vulnerable and therefre n actin is required. 1 f 13

2 Instructins (What must t be dne If I have ne f the affected prducts?) Determine what actins, if any, need t be perfrmed t prep the device fr installatin f the firmware slutin: 1. Determine the current Cntrller Firmware versin n yur device by printing a Cnfiguratin Page. T print a Cnfiguratin Page fllw the instructins n Page 13 f this bulletin. 2. Determine if any actin needs t be taken based n the Cntrller Firmware versin listed n the Cnfiguratin Page fr each device. This is dne by fllwing steps 3 thrugh Determine the apprpriate Installatin Actin Table t fllw starting n page 3 by lking fr yur prduct number at the tp f each chart, and matching it t yur specific prduct. 4. Lcate the Cntrller Firmware versin in the chart that matches r falls within the listed Cntrller Firmware versins. 5. Frm the directins in the Installatin Actin Table fr the affected prduct and Cntrller Firmware versin determine what actin, if any, has t be taken befre the Cntrller Firmware versin linked n page 1 can be installed. 6. Perfrm the indicated actin t get yur device ready t install the Cntrller Firmware. 7. Once yur device is ready t install the Cntrller Firmware, fllw the Firmware Installatin Instructins starting n page 5 t install the Cntrller Firmware n the device. 2 f 13

3 Installatin Actin Tables The fllwing tables indicate what actins, if necessary, are needed befre the P49 patch can be installed n an affected device: Fr Phaser r Yes Upgrade t N/A Nne r Fr Phaser 6128MFP r Yes Upgrade t N/A Nne r Fr Phaser r Fr Phaser r Yes Upgrade t N/A Nne r Yes Upgrade t N/A Nne r Fr Phaser r Yes Upgrade t N/A Nne r 3 f 13

4 Fr Phaser 6180MFP r Yes Upgrade t N/A Nne r Fr Phaser r Yes Upgrade t N/A Nne r 4 f 13

5 Firmware Installatin Instructins Cautin: D Nt Rebt r Turn Off the printer during the firmware update prcess. The printer will autmatically rebt when finished dwnlading the firmware. 1. Ensure yur apprpriate dwnlading ptin (Netwrk, USB, r Parallel) is available and cnnected. 2. Duble-click n the xerxfwup.exe icn lcated in yur printer directry. 3. The xerxfwup windw with the cnnectin ptins is displayed. Three cnnectins are available fr updating the firmware (sme prducts will nt have a Parallel interface). Fr Netwrk cnnectin: Select Netwrk and click the Next buttn. If yur printer IP address is listed, check the checkbx next t yur printer. Click the Next buttn. 5 f 13

6 If yur printer IP address in nt listed, click the Add buttn. Enter yur printer IP address and click the OK buttn. Check the checkbx next t yur printer IP address and click the Next buttn. The Firmware will start dwnlading t yur printer. On the printer Cntrl Panel, the fllwing messages are displayed: Receiving data Prt 9100 AIOC --> Receiving data Prt 9100 F/W --> Please wait Prt 9100 F/W --> Writing... Prt 9100 AIOC --> Writing... Prt 9100 F/W as the printer starts updating the firmware. 6 f 13

7 When the prcess is cmpleted, the Please wait... --> Ready messages are displayed n the printer Cntrl Panel. On yur cmputer, verify that the firmware update has been cmpleted - a The firmware update has been sent message is displayed and Cmpleted is displayed under the Status clumn. Click the Next buttn. Click the OK buttn. Print the printer Cnfiguratin page frm yur printer s frnt panel and verify the Firmware Versin infrmatin. Fr USB cnnectin: Select USB and click the Next buttn. The xerxfwup windw with the printer serial number is displayed. Check the checkbx next t yur listed printer. Click the Next buttn. 7 f 13

8 The Firmware will start dwnlading t yur printer. On the printer Cntrl Panel, the fllwing messages are displayed: Receiving data USB AIOC --> Receiving data USB F/W --> Please wait... USB F/W --> Writing... USB AIOC --> Writing... USB F/W as the printer starts updating the firmware. When the prcess is cmpleted, the Please wait... --> Ready messages are displayed n the printer Cntrl Panel. 8 f 13

9 On yur cmputer, verify that the firmware update has been cmpleted - a The firmware update has been sent message is displayed and Cmpleted is displayed under the Status clumn. Click the Next buttn. Click the OK buttn. Print the printer Cnfiguratin page frm yur printer s frnt panel and verify the Firmware Versin infrmatin. Fr Parallel cnnectin (fr thse prducts with a Parallel cnnectin): Select Parallel and click the Next buttn. The xerxfwup windw is displayed. Click the Next buttn. On the printer Cntrl Panel, the fllwing messages are displayed 9 f 13

10 Receiving data Parallel AIOC --> Receiving data Parallel F/W --> Please wait Parallel F/W --> Writing... Parallel AIOC -->Writing... Parallel F/W --> Cmpleted... as the printer starts updating the firmware. When the prcess is cmpleted, the Please wait... --> Ready messages are displayed n the printer Cntrl Panel. On yur cmputer, verify that the firmware update has been cmpleted - a The firmware update has been sent message is displayed and Cmpleted is displayed under the Status clumn. Click the Next buttn. Click the OK buttn. Print the printer Cnfiguratin page frm yur printer s frnt panel and verify the Firmware Versin infrmatin. 10 f 13

11 Macintsh OSX Firmware Update Prcess Cautin: D Nt Rebt r Turn Off the printer during the firmware update prcess. The printer will autmatically rebt when finished dwnlading the firmware. NOTE: FTP is the dwnlad mechanism fr the Macintsh; in the Mac's Netwrk settings, check "Use Passive FTP Mde (PASV)". Select the directry where yu have saved the file yu dwnladed. Duble-click n the FirmwareUpdateTl.dmg file t un-cmpress the firmware tl. Duble-click n the FirmwareUpdateTl package, and then duble-click n the FirmwareUpdateTl utility in the windw that pens. This brings up the Firmware Update Tl windw: T set the IP address f yur printer, duble-click n the Set IP Address buttn. Enter the IP address f yur printer and click OK. T find the IP address f yur printer, print a cnfiguratin page frm the frnt panel f yur printer. 11 f 13

12 Setup the FTP passwrd fr the printer by duble-clicking n the Set FTP Passwrd buttn. Enter yur FTP passwrd and click OK. If yu have nt setup a passwrd n yur printer via CWIS, then n passwrd needs t be entered here. Make sure FTP is enabled n yur printer. Yu can enable FTP n yur printer thrugh CWIS. CWIS is als where yu wuld set yur FTP passwrd fr yur printer, which shuld match the FTP passwrd entered here. Select the firmware file by clicking n the Select Update File buttn. Search fr yur firmware file (*.prn) and press Open. 12 f 13

13 Once all yur settings are cmplete, select the Update buttn. The Prgress bar will identify the prgress f the dwnlad. Once the file dwnlad is cmplete, the Success Dialg will display. Print a cnfiguratin page frm the frnt panel f yur printer t verify yur firmware settings. Disclaimer The infrmatin prvided in this Xerx Prduct Respnse is prvided "as is" withut warranty f any kind. Xerx Crpratin disclaims all warranties, either express r implied, including the warranties f merchantability and fitness fr a particular purpse. In n event shall Xerx Crpratin be liable fr any damages whatsever resulting frm user's use r disregard f the infrmatin prvided in this Xerx Prduct Respnse including direct, indirect, incidental, cnsequential, lss f business prfits r special damages, even if Xerx Crpratin has been advised f the pssibility f such damages. Sme states d nt allw the exclusin r limitatin f liability fr cnsequential damages s the freging limitatin may nt apply Xerx Crpratin. All rights reserved. Cntents f this publicatin may nt be reprduced in any frm withut permissin f Xerx Crpratin. XEROX, XEROX and Design, CentreWare, Phaser, ClrQube, Dcument Centre, WrkCentre, and WrkCentre Pr are trademarks f Xerx Crpratin in the United States and/r ther cuntries. Adbe and PstScript are registered trademarks r trademarks f Adbe Systems, Incrprated. All ther trademarks are the prperty f their respective manufacturers. The infrmatin in this bulletin is subject t change withut ntice. 13 f 13