First level navigation Menu
Full Frame Shot Of Coding

Alerts & Security Vulnerability Announcements

 

Update: Notice on Microsoft's Print Spooler Vulnerability - July 7, 2021

Ricoh is aware of the security vulnerability, commonly called "Print Nightmare," registered as CVE-2021-34527 and published by Microsoft on July 1, 2021.
The vulnerability allows remote code execution by a standard Microsoft Active Domain user by exploiting vulnerabilities in the print spooler process used by all Microsoft operating systems. Ricoh print drivers are not directly affected by this vulnerability, however, because print drivers for Microsoft Windows operating systems make use of the printer spooler process, any potential mitigation might affect the ability to print or otherwise properly use print drivers.
 
The security and integrity of our customer's data and devices is of the utmost importance to Ricoh. In the light of Microsoft releasing security updates as of July 6, we advise our customers to refer to the Microsoft advisory page.
Please note that a closely related vulnerability (registered under CVE-2021-1675) has been patched by Microsoft recently.
 
Updates will be provided as more information becomes available.
 

Update: Printer Security Program issued to address potential vulnerabilities in some of Ricoh’s printer/PC fax drivers

Ricoh released an updated security program to address additional vulnerabilities which may affect some versions of the printer/PC fax drivers used by certain Ricoh MFPs, printers and digital duplicators.

A complete listing of the affected models and how to securely set up your printer/MFP is now available.
 
 

Important product safety information (MPC series)

The multifunction color printer models in the MPC series have identified a rare potential safety concern.
 
 

Notice on CPU Vulnerabilities - Meltdown and Spectre

 

Ricoh is aware of the news regarding two security vulnerabilities called "Spectre" and "Meltdown" which were publicly disclosed on January 3, 2018. Both highlight the potential to extract information from a CPU cache by exploiting certain CPU hardware implementation mechanisms.


The security and integrity of our customers' data and devices remains of utmost importance to Ricoh. We are currently investigating to confirm whether any of our devices include and/or are affected by these vulnerabilities.

  • With this vulnerability there is the potential to extract information from a CPU cache by exploiting certain CPU implementation mechanisms. For this to occur, malicious code would need to be executed on the device.
  • Our Ricoh MFP/LPs only allow installation of programs which have been digitally signed by Ricoh. This means it is not possible for a malicious program exploiting this vulnerability to be installed on the device.
  • We are not aware of any data or security breaches to any of our customers at this time.

Our technology and security experts continue to work closely with other hardware and operating system vendors to develop an industry-wide approach to resolve this issue promptly and constructively.


As more information becomes available we will provide updates to this web page.

 
Cookie Policy

Ricoh uses data collection tools such as cookies to provide you with a better experience when using this site.
You can learn how to change these settings and get more information about cookies here.