Dell PowerEdge R410 replacement motherboard firmware contains malware

Published: 2010-07-21
Last Updated: 2011-01-30 04:29:54 UTC
by Adrien de Beaupre (Version: 1)
1 comment(s)

A Dell support forum post confirms that PowerEdge R410 replacement motherboards contain malware. The posting is here en.community.dell.com/support-forums/servers/f/956/t/19339458.aspx. The embedded server management firmware in some motherboards contain the malicious code. The issue is not present on new servers and does not impact non-Windows based servers. No further information on the malware itself, mitigation techniques, the specific motherboards affected, nor the method of the original infection are yet available. Dell is sending snail mail and calling affected customers. Thanks Geoff and one other reader for bringing this to our attention!

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

1 comment(s)

Comments

FYI...
- http://www.theinquirer.net/inquirer/news/1724179/dell-shipped-motherboards-malware
Jul 22 2010 - "... Systems with the IDRAC Express or IDRAC Enterprise card installed cannot be affected and the only way that anyone can be exposed is if the customer chooses to run an update to either Unified Server Configurator (USC) or 32-bit Diagnostics."
.

Diary Archives