---- Dell warns of malware on replacement server motherboards
travelin_cat - 4:53 pm on Jul 22, 2010 (gmt 0)
As part of Dellís quality process, we have identified a potential issue with our service mother board stock... The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware. This malware code has been detected on the embedded server management firmware...
There are important pieces of information to note:
1. This issue does not affect any Dell PowerEdge servers shipped from our factories and is limited to a small number of the replacement motherboards only which were sent via Dellís service and replacement process for four servers: PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410. The maximum potential exposure is less than 1% of these server models.
2. Dell has removed all impacted motherboards from the service supply. New shipping replacement stock does not contain the malware.
3. TheW32.Spybot worm was discovered in flash storage on the motherboard during Dell testing. The malware does not reside in the firmware.
4. All industry-standard antivirus programs on the market today have the ability to identify and prevent the code from infecting the customerís operating system.
5. Systems running non-Microsoft Windows operating systems cannot be affected.
6. Systems with the iDRAC Express or iDRAC Enterprise card installed cannot be affected.
7. Remaining systems can only be exposed if the customer chooses to run an update to either Unified Server Configurator (USC) or 32-bit Diagnostics.
[edited by: Brett_Tabke at 1:37 am (utc) on Jul 23, 2010] [edit reason] added updated info [/edit]