Skip to main content

Canon issues firmware for EOS-1D and 5D cameras at risk of malware attack

Canon issues firmware for EOS-1D and 5D cameras at risk of malware attack
(Image credit: Canon)

In the wake of last month's report that 30 Canon cameras are at risk of malware attack, the manufacturer has issued firmware updates for two of its key product lines, encompassing the popular Canon EOS 5D Mark IV and 1D X Mark II.

These updates should protect users of current 1D and 5D systems from the security threat, which also potentially impacts every camera that uses the popular Picture Transfer Protocol (PTP). 

• Read more: Security alert issued – 30 cameras at risk of malware attack

"An international team of security researchers has drawn our attention to a vulnerability related to communications via the Picture Transfer Protocol (PTP), which is used by Canon digital cameras, as well as a vulnerability related to firmware updates," notes the manufacturer

"Due to these vulnerabilities, the potential exists for third-party attack on the camera if the camera is connected to a PC or mobile device that has been hijacked through an unsecured network."

The Canon EOS 5D Mark IV has been patched, but other cameras remain vulnerable – especially over Wi-Fi

The Canon EOS 5D Mark IV has been patched, but other cameras remain vulnerable – especially over Wi-Fi (Image credit: Canon)

Canon has now released firmware for the following cameras to address the issue:

Canon EOS-1D X (Version 1.2.1 is available for download)
Canon EOS-1D X Mark II (Version 1.1.7 is available for download)
Canon EOS-1D C (Version 1.4.2 is available for download)
Canon EOS 5D Mark III (Version 1.3.6 is available for download)
Canon EOS 5D Mark IV (Version 1.2.1 is available for download)
Canon EOS 5DS (Version 1.1.3 is available for download)
Canon EOS 5DS R (Version 1.1.3 is available for download)
Canon EOS 80D (Version 1.0.3 is available for download – already released) 

The following affected cameras are currently awaiting firmware corrections:

Canon EOS 6D
Canon EOS 6D Mark II
Canon EOS 7D Mark II 
Canon EOS 70D
Canon EOS M10
Canon EOS M100
Canon EOS M3
Canon EOS M5
Canon EOS M50
Canon EOS M6
Canon EOS R
Canon EOS RP
Canon EOS Rebel SL2
Canon EOS Rebel SL3
Canon EOS Rebel T6
Canon EOS Rebel T6i
Canon EOS Rebel T6s
Canon EOS Rebel T7
Canon EOS Rebel T7I
Canon PowerShot G5X Mark II
Canon PowerShot SX70 HS
Canon PowerShot SX740 HS

As discussed in our earlier story, this is not a Canon-specific issue – any camera that uses the PTP protocol is potentially affected by the same security risk.

"While the Canon EOS 80D was the one tested in this demonstration, we do believe that similar implementation vulnerabilities could be found in other vendors as well, potentially leading to the same critical results in any digital camera," we were told by Eyal Itkin, researcher for Check Point, which discovered the vulnerabilities.

At present, there have been no confirmed reports of malicious activity or attacks due to the security holes in the PTP. However, Canon has issued a number of workarounds – which should also help protect users of any affected camera, Canon or otherwise:

  • Ensure the suitability of security-related settings of the devices connected to the camera, such as the PC, mobile device, and router being used.
  • Do not connect the camera to a PC or mobile device that is being used in an unsecure network, such as in a free Wi-Fi environment.
  • Do not connect the camera to a PC or mobile device that is potentially exposed to virus infections.
  • Disable the camera’s network functions when they are not being used.
  • Download the official firmware from Canon’s website when performing a camera firmware update.

Read more: 

Security alert issued for 30 cameras: Canon and Olympus respond
Verbatim Fingerprint Secure Hard Drive protects and encrypts your data
Canon EOS R hacked: Magic Lantern “successfully loaded”