Alerts & Security Vulnerability Announcements

LAN-Fax Generic Driver Upgrade Advisory

Ricoh has identified an irregularity in LAN-Fax Generic Driver, Ver. and Ver., software used to send faxes from a PC. By obtaining a free download of the latest version of the software, this can be avoided. 

Notice on CPU Vulnerabilities - Meltdown and Spectre

Ricoh is aware of the news regarding two security vulnerabilities called "Spectre" and "Meltdown" which were publicly disclosed on January 3, 2018. Both highlight the potential to extract information from a CPU cache by exploiting certain CPU hardware implementation mechanisms.

The security and integrity of our customers' data and devices remains of utmost importance to Ricoh. We are currently investigating to confirm whether any of our devices include and/or are affected by these vulnerabilities.

  • With this vulnerability there is the potential to extract information from a CPU cache by exploiting certain CPU implementation mechanisms. For this to occur, malicious code would need to be executed on the device.
  • Our Ricoh MFP/LPs only allow installation of programs which have been digitally signed by Ricoh. This means it is not possible for a malicious program exploiting this vulnerability to be installed on the device.
  • We are not aware of any data or security breaches to any of our customers at this time.

Our technology and security experts continue to work closely with other hardware and operating system vendors to develop an industry-wide approach to resolve this issue promptly and constructively.

As more information becomes available we will provide updates to this web page.

Email Phishing Alert

Business E-mail Compromise (BEC) / phishing scams continue to be a serious issue for companies including Ricoh. It has recently come to our attention that a Phishing email was sent via a email address. This is not a legitimate email from Ricoh and should immediately be deleted.

We recommend our customers always be vigilant. If you are uncertain of an email’s legitimacy, reach out to your account team for verification and if necessary, block any fraudulent or suspect domains.

We take these matters seriously, and you should, too. We urge you to be cautious with unexpected email requests for personal or financial information, such as banking or other confidential details. Do not respond to these emails.

Learn additional tips for identifying and handling BEC/phishing scams.

WannaCry statement

WannaCry is ransomware that targets computers running Windows. After encrypting data on an infected system, it demands payment before you can regain access to your data. WannaCry has infected many computers around the world, and many organizations have started implementing countermeasures.

We are committed to keeping our products and services as secure as possible for our clients around the world. At this time, we are actively monitoring the situation and working to take appropriate measures.