[Infowarrior] - Dell ships motherboard with malicious code

Richard Forno rforno at infowarrior.org
Wed Jul 21 12:53:51 CDT 2010


http://www.zdnet.com/blog/security/dell-ships-motherboard-with-malicious-code/6901?tag=nl.e550

Dell ships motherboard with malicious code
By Ryan Naraine | July 21, 2010, 8:37am PDT

Dell has confirmed that some of its PowerEdge server motherboards were shipped to customers with malware code on the embedded server management firmware.

The infected motherboard was found on replacement Dell PowerEdge R410 rack servers, according to a post on a Dell support forum.

A Dell representative confirmed the issue after a customer received a call warning about the infected motherboard.

As part of Dell’s quality process, we have identified a potential issue with our service mother board stock, like the one you received for your PowerEdge R410, and are taking preventative action with our customers accordingly. The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware.  This malware code has been detected on the embedded server management firmware as you indicated.

We take matters of information security very seriously and believe that any impact to a customer’s information security is unlikely.  To date we have received no customer reports related to data security. Systems running non-Windows operating systems are not vulnerable to this malware and this issue is not present on motherboards shipped new with PowerEdge systems.

The company did not provide any additional details


More information about the Infowarrior mailing list