Dell ships motherboard with malicious code

Summary:Dell has confirmed that some of its PowerEdge server motherboards were shipped to customers with malware code on the embedded server management firmware.

Dell has confirmed that some of its PowerEdge server motherboards were shipped to customers with malware code on the embedded server management firmware.

The infected motherboard was found on replacement Dell PowerEdge R410 rack servers, according to a post on a Dell support forum.

A Dell representative confirmed the issue after a customer received a call warning about the infected motherboard.

follow Ryan Naraine on twitter

As part of Dell’s quality process, we have identified a potential issue with our service mother board stock, like the one you received for your PowerEdge R410, and are taking preventative action with our customers accordingly.  The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware.  This malware code has been detected on the embedded server management firmware as you indicated.

We take matters of information security very seriously and believe that any impact to a customer’s information security is unlikely.  To date we have received no customer reports related to data security. Systems running non-Windows operating systems are not vulnerable to this malware and this issue is not present on motherboards shipped new with PowerEdge systems.

The company did not provide any additional details.

UPDATE: After the publication of this story, Dell emailed the following statement from Forrest Norrod, vice president and general manager of server platforms.:

Dell is aware of the issue and is contacting affected customers.  The issue affects a limited number of replacement motherboards in four servers - PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 – and only potentially manifests itself when a customer has a specific configuration and is not running current anti-virus software.   This issue does not affect systems as shipped from our factory and is limited to replacement parts only.  Dell has removed all impacted motherboards from its service supply chain and new shipping replacement stock does not contain the malware.  Customers can find more information on Dell’s community forum.

Topics: Dell, Hardware, Malware, Security, Servers

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.