Update: Printer Security Program issued to address potential vulnerabilities in some of Ricoh’s printer/PC fax drivers

15 Apr 2020

First published January 22, 2020
Date of current status April 15, 2020
Ricoh Company, Limited.

Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for their customers around the world.On January 22, 2020, Ricoh released updated printer drivers and a security updater program to address a vulnerability1 (CVE-2019-19363) which may have affected some versions of the printer/PC fax drivers used by certain Ricoh MFPs, Printers and Digital Duplicators. Ricoh released an updated Universal Print Driver, Security Updater program, and continues to release additional printer drivers as further vulnerabilities have been identified. All users need to install the latest printer drivers where applicable or apply the security Updater program if you are using any of the affected print drivers. Ricoh suggests the following:

  • Please click here to view a list of affected print drivers. Driver updates are ongoing, so please check back to see the latest updates.
  • Uninstall all affected drivers, if possible, and remove any previously downloaded copies of affected drivers, then install the latest print drivers. The vulnerability represented can only be fully remediated by updating the driver.
  • If you still require using one or more of the affected device specific drivers, run the security updater program. If an affected driver must be reinstalled at any time, please run the security updater program again.

Ricoh is committed to supporting customers across the globe, enabling them to operate Ricoh products equipped with the latest security settings. To minimize potential security risks, Ricoh recommends that customers follow best practices for securely setting up printers or MFPs. Please visit here for details.

Please contact with your local Ricoh representative or dealer if you have any queries.


Credit for discovery: Yaron Samuel & Or Chechik at Palo Alto Networks and Alexander Pudwill with the assistance of Pentagrid AG. Additional assistance provided by Xanthus Security.