Monday 28 May 2012

Dell finds the hard way to solve malware problem

Two years ago Dell faced a big problem which was its products were infected by malware. Hence, Dell contacted some customers directly concerning this matter. Dell also made appointments for them to change their motherboards that contain malware with a new malware free product. The malware was founded in the embedded server management firmware of replacements motherboards sent out for certain models of server. Even so, they cannot detect what firmware was involved and also what type of spyware was. Dell does say that the spyware is Windows-specific and that non-Windows systems are not vulnerable. New R410 systems are also not affected, just replacement motherboards. Some other reports have described this as a "hardware trojan" of the sort that has been theorized recently, but it is not. This is malware embedded in firmware, and firmware is simply software in a ROM. It's only slightly unconventional.


Update: Dell provided a statement:
"Dell is aware of the issue and is contacting affected customers. The issue affects a limited number of replacement motherboards in four servers - PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 - and only potentially manifests itself when a customer has a specific configuration and is not running current anti-virus software. This issue does not affect systems as shipped from our factory and is limited to replacement parts only. Dell has removed all impacted motherboards from its service supply chain and new shipping replacement stock does not contain the malware. Customers can find more information on Dell's community forum." - Forrest Norrod, vice president and general manager of server platforms at Dell.

No comments:

Post a Comment