Dell PowerEdge motherboards ship with malware

Summary:Replacement motherboards for four Dell PowerEdge servers have been found with malware in their flash storage components

Dell has admitted that it sent out malware-laced replacement server motherboards to some of its customers.

Some replacement motherboards for the PowerEdge R310, R410, R510 and T410 servers were found during Dell testing to contain the Spybot worm within the flash storage, the hardware maker said on Wednesday. Dell said it is telephoning the customers affected, and it noted in a post to its community forum that less than one percent of installed base of the four server models are at risk.

"This issue does not affect systems as shipped from our factory and is limited to replacement parts only. Dell has removed all impacted motherboards from its service supply chain, and new shipping replacement stock does not contain the malware," Forrest Norrod, general manager of server platforms at Dell, said in a statement on Wednesday.

The Spybot worm, which surfaced in 2003 and comes in many variants, spreads using Microsoft Windows vulnerabilities. This means that servers running non-Windows operating systems cannot be infected, nor can systems with the iDRAC Express or iDRAC Enterprise management controllers installed, according to Dell. The company said that all "industry-standard" antivirus programs will be able to identify and stop the code from infecting systems.

In addition, the malware can activate only if customers run an update to the Unified Server Configurator or 32-bit Diagnostics, according to Dell.

"[We] believe that any impact to a customer's information security is unlikely. To date, we have received no customer reports related to data security," the company said in a post to its community forum.

On the forum, Dell initially said it had found the malware in the embedded server management firmware on the motherboards, but later changed this to say that the problem was actually in the flash storage.

The hardware maker is urging customers with questions to contact it at US_EEC_escalations@dell.com or to consult the community forum thread that highlights the issue.

Topics: Security

About

Jack Clark has spent the past three years writing about the technical and economic principles that are driving the shift to cloud computing. He's visited data centers on two continents, quizzed senior engineers from Google, Intel and Facebook on the technologies they work on and read more technical papers than you care to name on topics f... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.