Vectra Networks found a bug in printer software that allowed them to insert malicious code into a printer driver. The attack relies on a protocol called Microsoft Web Point-and-Print, which the company incorporated into Windows to make it easy to connect to a printer. A driver’s digital signature – used to verify if software is legitimate – isn’t checked. The driver gets installed straight away with high privileges at the system level. Even if the malware is removed, any time a user is close to the same printer, it would be delivered seamlessly.”]
Source: https://www.cuinfosecurity.com/blogs/ready-to-print-heres-malware-instead-p-2180