No exploitations have been observed in the wild as of yet, according to the company’s European site, but owners should scan for indicators of compromise given that the bugs have been publicly known but unpatched for months.
Beyond the obvious step of updating to the latest firmware, Canon is advising its customers to “set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access.”
When it comes to internet facing attacks, the default setup will be good enough. Some people decide to hook up printers to the internet directly, or use NAT to forward every port to the printer, and then you can get hacked over the internet. That’s what Canon is telling people not to do, and you have to go out of your way not to make that the case.
For larger businesses that run the risk of someone getting onto their WiFi and leaving behind a point of presence after initial infection, network segmentation and firewalls shouldn’t be a problem, that’s what IT people get hired to do.
You and I know that, and IT people know that as you say, but to grandma that is a foreign language.
I just found the wording amusing imagining some people I know trying to parse it.
PS: and also wanted to bitch about companies churning out buggy shit. :)