Alerts & Security Vulnerability Announcements

 
 

Notice on CPU Vulnerabilities - Meltdown and Spectre

March 1, 2018


Ricoh is aware of the news regarding two security vulnerabilities called "Spectre" and "Meltdown" which were publicly disclosed on January 3, 2018. Both highlight the potential to extract information from a CPU cache by exploiting certain CPU hardware implementation mechanisms.


The security and integrity of our customers' data and devices remains of utmost importance to Ricoh. We are currently investigating to confirm whether any of our devices include and/or are affected by these vulnerabilities.

  • With this vulnerability there is the potential to extract information from a CPU cache by exploiting certain CPU implementation mechanisms. For this to occur, malicious code would need to be executed on the device.
  • Our Ricoh MFP/LPs only allow installation of programs which have been digitally signed by Ricoh. This means it is not possible for a malicious program exploiting this vulnerability to be installed on the device.
  • We are not aware of any data or security breaches to any of our customers at this time.

 

Our technology and security experts continue to work closely with other hardware and operating system vendors to develop an industry-wide approach to resolve this issue promptly and constructively.

As more information becomes available we will provide updates to this web page.

 
 

Email Phishing Alert

Business E-mail Compromise (BEC) scams continue to be a serious issue for companies including Ricoh. Recent examples of potentially fraudulent and/or non-Ricoh sanctioned websites include: "Ricohh-usa.com" which could be used to masquerade as the Ricoh domain and “ricohdrivers.com” which is not a Ricoh owned and operated website.  Our official domain is Ricoh-usa.com

We recommend our customers always be vigilant. If you are uncertain of a site’s legitimacy, reach out to your account team for verification and if necessary, block any fraudulent or suspect domains.

We take these matters seriously, and you should, too. We urge you to be cautious with unexpected email requests for personal or financial information, such as banking or other confidential details. Do not respond to these emails.

Learn additional tips for identifying and handling BEC scams.
 
 

WannaCry statement

WannaCry is ransomware that targets computers running Windows. After encrypting data on an infected system, it demands payment before you can regain access to your data. WannaCry has infected many computers around the world, and many organizations have started implementing countermeasures.

We are committed to keeping our products and services as secure as possible for our clients around the world. At this time, we are actively monitoring the situation and working to take appropriate measures.