cancel
Showing results for 
Search instead for 
Did you mean: 
XMP_Admin
Xerox Employee
Xerox Employee

UPDATE: CVE-2021-34527 and Workplace Cloud

The Xerox Workplace Cloud team has reviewed the Microsoft vulnerability CVE202-34527.

We are pleased to report Workplace Cloud primary workflows are not vulnerable to this issue. Our evaluation includes both our modern Cloud Client and Cloud hosted architecture. 

The main attack vector is shared network queues on Microsoft Print Servers.

Xerox Workplace Cloud Clients simply use a local print queue (that should not be shared) and intercept the job data.

Workplace Cloud does support one print submission workflow which allows the Xerox Workplace Cloud Agent to accept prints from external third-party clients.  Although this workflow is infrequently used it does utilize a Window's shared print queue. If using this workflow you should apply the Microsoft Patch to the OS that the agent is hosted on.   For the latest information please see the Microsoft bulletin here:  https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

 

"Innovating how the world communicates, connects and works."
0 Kudos