Ricoh is aware of the news regarding two security vulnerabilities, called "Spectre" and "Meltdown", which were publically disclosed on January 3rd, 2018. Both highlight the potential to extract information from CPU cache by exploiting certain CPU hardware implementation mechanisms.
The security and integrity of our customer's data and devices remains of utmost importance to Ricoh. We are currently investigating to confirm whether any of our devices include and/or are affected by these vulnerabilities.
- With this vulnerability there is the potential to extract information from CPU cache by exploiting certain CPU implementation mechanism. For this, malicious code would need to be executed on the device.
- Our Ricoh MFP/LPs only allow installation of programs which have been digitally signed by Ricoh. This means it is not possible for a malicious program exploiting this vulnerability to be installed on the device.
- We are not aware of any data or security breaches to any of our customers at this time.
Our technology and security experts continue to work closely with other hardware and operating system vendors to develop an industry-wide approach to resolve this issue promptly and constructively.
As more information becomes available we will provide updates to this web page.