[English]Gute Nachrichten für Besitzer von Lexmark-Druckern. Der Hersteller hat endlich die Firmware-Updates für diverse Modelle bereitgestellt. Diese sollen einerseits eine Schwachstelle in mehr als Hundert Lexmark-Druckermodellen beseitigen, vor der Lexmark bereits im Juni 2022 gewarnt hat (das Update musste wieder zurückgezogen werden). Weiterhin soll das Firmware-Update das USB-Kommunikationsproblem in Windows beheben, welches durch das Juli 2022-Sicherheitsupdate verursacht wurde.
Anzeige
Worum geht es genau?
Seit Juli 2022 leiden Besitzer diverser Lexmark-Drucker unter dem Problem, dass diese Geräte nur noch unverständliches Zeug drucken. Ursache ist das Sicherheitsupdate für Windows vom Juli 2022 – ich hatte im Blog-Beitrag Windows: Druckerprobleme nach Juli 2022 Patchday und Fixes darüber berichtet. Auch wenn das Problem auf ein Microsoft-Update zurückzuführen ist, scheint das Problem beim Hersteller zu liegen.
Die zweite Baustelle in Lexmark-Druckern ist eine Schwachstelle, die mehr als Hundert Modelle betrifft. Angreifer, die sich bereits Zugang zur Firmware der Drucker verschafft haben, können sich dann dort über eine Schwachstelle einnisten. Lexmark hatte bereits im Juni 2022 das Security Advisory CVE-2022-29850 (PDF) verfasst, dann aber im August 2022 nochmals eine Revision vorgenommen.
Die bereitgestellten Firmware-Updates mussten aber nach Problemen kurzfristig zurückgezogen werden. Lexmark hatte dann ein revidiertes Firmware-Update für Mitte Sept. 2022 avisiert, welches die Schwachstelle CVE-2022-29850 in der Firmware beseitigen soll, aber auch das Windows-Druckproblem beheben soll. Ich hatte im Blog-Beitrag Lexmark: Firmware-Update soll Mitte Sept. 2022 Windows-Bug und Schwachstelle CVE-2022-29850 beseitigen über diesen Sachverhalt berichtet.
Das Firmware-Update ist freigegeben
Blog-Leser Frederik S. hatte mir bereits letzten Donnerstag, den 15. September 2022, die Information per Mail zukommen lassen, dass die revidierte Firmware auf den Lexmark Supportseiten verfügbar sei.
als Information für Sie gibt es seit heute auf der Lexmark Support Seite den Download der Version 081.215, laut den Release Notes ist der USB Bug sowie die CVE-2022-29850 gefixt.
Auch hier im Blog hat Michael N. diesen Kommentar hinterlassen, dass er die neuen Firmware-Updates auf der Lexmark-Seite gefunden habe (danke an beide Leser für den Hinweis):
Bei Lexmark stehen für unsere Modelle ab heute die neue Firmwareversion 081.215 auf der Lexmark-Support-Seite zur Verfügung. Die Release-Notes beschreiben viele Fehler, die behoben werden sollen. Auch ist die Rede von einer 081.212 Version, die ich aber nie gesehen habe, vielleicht war diese auch nicht öffentlich.
Lexmark hat inzwischen diesen Support-Beitrag zum USB-Druckerproblem veröffentlicht und schreibt: Aktualisieren Sie den Drucker auf xxxxx.081.215 oder die neueste RIP-Firmware-Version. Das kann über die EWS-Funktion des Druckers (erfordert eine Netzwerkverbindung ins Internet) oder per Download der Firmware von den Lexmark-Supporsteiten und durch Kopieren dieser Version auf einen USB-Stick, Einstecken dieses Sticks in den USB-Anschluss des Druckers (falls vorhanden) und anschließendes Auswählen dieser Version, erfolgen. Hinweise zum Firmware-Update gibt es auch auf dieser Lexmark-Supportseite – die Downloads sollten über diese Lexmark Driver-Download-Seite nach Eingabe des Modells möglich sein. Die Firmware wurde dort wohl am 16. September 2022 veröffentlicht (wobei noch nicht alle Modelle Updates erhalten haben). Nachfolgend findet sich ein Auszug aus den Release Notes.
RELEASE NOTES: xxxAT.081.215, xxxBD.081.215, xxxBL.081.215, xxxBN.081.215, xxx.GM.081.215, xxx.GW.081.215, xxxMH.081.215, xxxMM.081.215, xxxPC.081.215, xxxPM.081.215, xxxPP.081.215, xxxSG.081.215, xxxZJ.081.215 READ THIS FIRST: Special notes and considerations − ***IMPORTANT*** If using Scan Center with a non-default value (default = "-1") for the UCF settings de_network_fwCompatibilityLevel*, users must review the following Knowledge Base article before upgrading to this release (this is not common): − Scanning from Scan Center causes 900.00 error − Although this URL is specifically for the MX822, this article is applicable to all multi-function devices (MFP's) using Scan Center − Firmware upgrade warning: − Any device running FW5.1 or older (xxxxx.051.yyy or smaller numbers) must first update to a FW7 based release such as xxxxx.076.308 before upgrading to xxxxx.081.001 or newer releases − MS32x-MS62x/MX32x-MX62x Series devices and their equivalents running xxxGM.04y.zzz firmware must first update to a firmware release between xxxGM.070.001 and xxxGM.075.289 as an initial intermediate release before updating to xxxxx.081.001 or newer releases − CS72x/CX72x Series devices and their equivalents running ATL.03x.yyy or ATL.02x.yyy firmware must first update to CSTAT.041.090 or CXTAT.041.090 as an initial intermediate release before updating to a FW7 based release, such as xxxxx.076.308, and then finally updating to xxxxx.081.001 or newer releases − CS82x/CX82x and CX86x Series devices and their equivalents running xxxPP.075.yyy or older firmware AND with extra memory (RAM) installed must first update to a FW7.6 based release such as xxxPP.076.308 before upgrading to xxxPP.081.001 or newer releases − Contact Lexmark Technical Support to obtain intermediate releases if needed − Firmware downgrade warning: − Devices manufactured with xxxxx.080.001 or newer firmware cannot have firmware downgraded below the manufactured level − For all other devices, it is strongly recommended that a firmware downgrade is NOT performed − Downgrading firmware from newer major firmware ECs to older major firmware ECs will result in the loss of Apps, Security Features, and Settings − Contact Lexmark Technical Support and see KB Article SO8017 for more information on the impacts of downgrading − Ensure the firmware you download is the correct one for the product you haveCUSTOMER RELEASE NOTES:
FW8.1, xxxAT.081.215, xxxBD.081.215, xxxBL.081.215, xxxBN.081.215,
xxxGM.081.215, xxxGW.081.215, xxxMH.081.215, xxxMM.081.215, PC.081.215,
xxxPM.081.215, xxxPP.081.215, xxxSG.081.215, and xxxZJ.081.215 for the following
devicesChanges in 081.215 (since 081.212):
Security Issues Addressed:
− Upgraded open-source components to apply latest security patches
Field Issues Addressed and Other Improvements:
− Improvements to firmware flashing reliability
− Fix for an issue where using the "Fit to Page" setting on the printer results in a
corrupted output for some print jobs
− Fix for an issue where the CS/CX73x devices are not responding to adjustments
to the left margin on the multipurpose feeder or input option trays (CSTMM and
CXTMM firmware)
− Fix for an "unsupported USB hub" error on some devices with Marknet N8372
options installed
− Fix for an issue where "fold" settings for Copy shortcuts were not applied
correctly when the shortcut was launched via Shortcut Center
− Fix for an unexpected output received when printing via USB cable from a
computer running Windows10 patched with KB5015807 or newer
− Fix for a 912.32A crash on CS/CX33x devices and their equivalents (CSLBL and
CXLBL firmware)
− Update default print resolution of mono devices to 1200IQ to improve interaction
with newer drivers and/or driverless print options. NOTE: device print resolution
setting will not be changed by applying this firmware update, a restore factory
defaults or out of service erase would have to be performed after installing this
update for the new default to apply
− Fixes for multiple fax issues
▪ Fix for an issue where devices with fax modems are stuck with "Busy,
please wait" on screen during some boot up operations
▪ Fix for a missing "Fax Transport" setting in some configurations
▪ Fix for an inability to receive some HTTPS faxes
− Fixes for multiple sources of 900.00 errors
▪ Fix for a 900.00 Kernel crash when connected via USB cable to a
computer running Windows10 patched with KB5015807 or newer
▪ Fix for an intermittent 900.00 crash when performing a Card Copy job or a
quick copy job (start copying by pressing green button from home screen)
▪ Fix for a 900.00 crash that occurs with some JBIG faxes ▪ Fix for a reoccurring 900.00 crash every time the device powers up
▪ Fix for a 900.00 crash that occurs after the printer has been idle/asleep
for multiple hours on CS/CX82x and CX86x devices and their equivalents
(CSTPP and CXTPP firmware)
▪ Fix for a 900.00 crash while printing using CS/CX33x devices and their
equivalents (CSLBL and CXLBL firmware)
▪ Fix for a 900.00 crash that occurs when switching wireless access points
(changing SSID's)
▪ Fix for an intermittent 900.00 crash when using some HTTPS fax
functionsChanges in 081.212 (since 081.205):
Security Issues Addressed:
− Upgraded open-source components to apply latest security patches
Field Issues Addressed and Other Improvements:
− Fix for an issue where the printer does not boot all the way to a usable state after
updating firmware (sometimes stuck at "Busy, please wait", sometimes earlier in
boot)
− Fix for an issue where CS/CX82x and CX86x devices fail to boot if they have
4GB of RAM or more installed (CSTPP and CXTPP firmware)
− Fix for an issue where faxes are not sent successfully if "cover page" is enabled
or "hold the job" is enabled and certain security configurations are present
− Fix for an issue where the Lexmark Cloud Services Native Agent running on the
device intermittently stops communicating with the Lexmark Cloud
− Prevent Lexmark Cloud Services connection from disabling itself when network
connection is lost
− Fix for an issue where devices intermittently fail during SMB communication to a
Windows Server with STATUS_ACCESS_DENIED or
STATUS_DUPLICATE_OBJECTID
− Fix to improve output from some MS/MX72x and MS/MX82x printers which
intermittently printed too light or too dark (MSNGW, MSTGW, and MXTGW
firmware)
− Fix for an "incorrect printer time" error message at device power on
− Fix for an issue where the secure element is intermittently not detected at device
power on causing an "Error communicating with the secure element" message to
appear on the device
− Allow scanner firmware update even if scanner is disabled on CX92x devices
− Fix for an issue where the device stops scanning in the middle of a job initiated
by an eSF app and remains stuck
− Fix for a 912.45A crash on the CS/CX33x devices and their equivalents (CSLBL
and CXLBL firmware)
− Fix for an issue where MB2236 devices with a 2.8" touch screen boot into the
"special boot options" menu if the paper tray is empty (MXLSG firmware – 2.8"
touch screen operator panel only) − eSCL scanning support for different resolutions for each color mode
− Fix for an issue where import of PKCS12 device certificates fails
− Updated some strings and translations for enhanced user experience
− Multiple fixes for PDF and PCL-XL emulator errors
− Fix for an 842.02 crash when performing a scan job on CX42x-62x devices
(CXNZJ and CXTZJ firmware)
− Return printer network address instead of local-host when querying printer-more-
info URI IPP attribute
− Fixes for multiple sources of 900.00 errors
▪ Fix for an intermittent 900.00 crash only on network connected printers
▪ Fix for a 900.00 crash when tapping "Connected to Network" on the
device operator panel
▪ Fix for intermittent 900.00 crashes at device boot up on the CS/CX72x
devices and their equivalents (CSTAT and CXTAT firmware)
▪ Fix for other intermittent 900.00 crashesChanges in 081.205 (since 081.016):
Security Issues Addressed:
− Additional mitigations for CVE-2022-29850 Compromised device remains
vulnerable after firmware update
− Upgraded open-source components to apply latest security patches
− Security improvements based on internal testing
Field Issues Addressed and Other Improvements:
− Add support for space characters in SNMP Community Name
− Adjust Fax Volume settings to support new fax card for certain devices (MXLBD,
CXLBL, and CXLBN firmware)
− Fix for an issue where "Keyboard Type" setting must be changed twice in order
to take effect
− Increase time necessary to hold keyboard button before extra characters appear
in order to reduce inadvertent clicks
− Added "Test SMTP Connection" button to SMTP setup menu to improve setup
usability
− Resolve an issue where adding/removing "Held Jobs" from Home Screen
Customization via printer web page intermittently doesn't refresh the op panel
and/or web page correctly
− Fix for an issue where LDAP authentication fails in some environments using
username and password, but succeeds with username only
− Resolve an issue where, under certain conditions, the printer web page
intermittently shows the printer status as "Busy" even if the printer is not in busy
state
− Improvement to ensure apps are able to automatically scroll a list to the currently
selected item during a change prompt if the list is longer than one screen – for example, a list of languages where the currently selected language may be
toward the middle or bottom of the list
− Fix for an issue that causes firmware updates to intermittently fail on some
devices
− Improve messaging for firmware version comparison when updating via the
printer web page
− Fixes for multiple sources of 900.00 errorsChanges in 081.016:
New Features:
− Improved usability on 2.8-inch touchscreen devices
− Improved Initial Setup Wizard usability experience
− Added opt-out model for anonymous data collection
− New TPM hardware support
− TLS v1.3 Server Support
− WPA v3.0 support
− IPP Everywhere 1.1
− Universal Print – Phase 2
− Node locked setting bundles
− Open Source JDK
− Custom Factory Defaults support
− Improved staple logic (Held Jobs)
Security Issues Addressed:
− CVE-2022-29850 Compromised device remains vulnerable after firmware update
− Upgraded open source components to apply latest security patches
− Security improvements based on internal testing
Field Issues Addressed and Other Improvements:
− Improved enrollment to Lexmark Cloud Services
− Fix for an issue where certain Cipher List changes are not saved successfully
− Added validation checking to General Fax Settings, Fax Server, and Email Reply
Address fields
− Multiple fixes for fax receive issues
− Resolve a permissions issue with installed userflash
− Fix for an issue where an HBP driver generated job does not print on certain
devices
− Multiple fixes for PS, PDF, and PCL emulator errors
2015
Kann ich für "XC6152" nicht bestätigen. Auf Support-Seite immer noch nur "CXTPP.076.308" verfügbar