Xerox® WorkCentre® 7755/7765/7775
Contains fix for Logjam and Bar Mitzvah vulnerabilities.
This software release contains fix for Freak and Ghost vulnerabilities on WorkCentre 77xx products.
NOTE: This version of the bulletin was released due to an incorrect link to the WorkCentre 7755/7765/7775 SPAR software.
Software Release to Eliminate Unauthorized Access
Note: This bulletin has been re-issued to correct a typographical error in the URL string for one of the product ZIP files.
The Xerox products ColorQube 9201/9202/9203, WorkCentre 6400, WorkCentre 7525/7530/7535/7545/7556, and WorkCentre 7755/7765/7775 contain code for implementing a remote protocol that could be exploited to gain unauthorized access to the device.
The software release indicated in the bulletin will perform the following action:
Remove the affected code that unintentionally created the unauthorized access potential.
A software release for the products listed has been provided. This release is designed to be installed by the customer. The software release is contained in a zip file and can be accessed via the links in this bulletin announcement or on the Security Bulletins page.
Cumulative update for Common Criteria Certification
System Software Version 061.090.221.36202 for the WorkCentre 7755/7765/7775 models is a cumulative update that incorporates security vulnerability fixes up through 19 Oct 2012 as well as other non-security related defect fixes. This release is Common Criteria certified.
This system software release for the products listed is designed to be installed by the customer. Please follow the procedures in the bulletin document to install the solution. This system software version is a full system release so the patch criticality rating is not applicable.
The software release is compressed into a 237.9 MB zip file and can be accessed via the link below or via the link contained in the bulletin announcement on the Xerox Security Site.
The Xerox devices ColorQube® 9201/9202/9203, ColorQube® 9301/9302/9303, WorkCentre® 232/238/245/255/265/275, WorkCentre® 5030/5050, WorkCentre® 5135/5150, WorkCentre® 5632/5638/5645/5655/5665/5675/5687, WorkCentre® 5735/5740/5745/5755/5765/5775/5790, WorkCentre® 6400, WorkCentre® 7525/7530/7535/7545/7556, WorkCentre® 7655/7665/7675, WorkCentre® 7755/7765/7775, WorkCentre® Bookmark 40/55, WorkCentre Pro® 232/238/245/255/265/275 were shipped with certain protocols enabled that, if properly exploited, could be used to gain
unauthorized access to the system. These particular protocols should not have been present in the production configuration and need to be removed from that configuration to minimize the possibility of unauthorized system access.
A software solution (patch P49) is provided for the products listed. This solution will remove from the production configuration the unwanted protocols in question so they can’t be exploited to gain unauthorized access to the system.
This solution is designed to be installed by the customer. The software solution is compressed into a 3 KB zip file and can be accessed via the link below or via the link following this bulletin announcement on the Xerox Security Site.
Software available through this link:
NOTE: We are re-issuing this bulletin due to a spelling error of the name of one of the researchers. No technical content in the bulletin has changed.
Vulnerabilities exist that, if exploited, could allow remote attackers to insert arbitrary code into the device. This could occur with a specifically crafted Postscript or firmware job submitted to the device. If successful, an attacker could make unauthorized changes to the system configuration; however, customer and user passwords are not exposed.
As part of Xerox’s on-going efforts to protect customers, the ability to accept these specially crafted jobs can be disabled for the affected products listed in the bulletin. Links for the software needed are contained inside the bulletin.
NIAP evaluation listing