I hope this goes without saying but please do not run this on machines you don’t own.
The good news:
- the exploit seems to require user action
The bad news:
-
Device Firewalls are ineffective against this
-
if someone created a malicious printer on a local network like a library they could create serious issues
-
it is hard to patch without breaking printing
-
it is very easy to create printers that look legit
-
even if you don’t hit print the cups user agent can reveal lots of information. This may be blocked at the Firewall
TLDR: you should be careful hitting print
Not true, Arch and Ubuntu (the ones I personally checked on) already pushed patches that disabled cups browsed by default, removing the service listening on 631.