Windows

HP becomes next vendor to ship malware-infected media

In yet another case of infected media being sent out direct from a manufacturer, HP's software security response team has issued a warning on this to AusCERT earlier this week. Affected was a batch of USB flash drive for a range of Proliant servers. Apparently, they come with worms that could allow an attacker to compromise an infected system.

In yet another case of infected media being sent out direct from a manufacturer, HP's software security response team has issued a warning on this to AusCERT earlier this week. Affected were some USB flash drives with installation files for a range of Proliant servers. Apparently, they are infected with worms that could allow an attacker to compromise an infected system.

A list of the affected servers has been provided to the security response organization.

Excerpt from ZDNet News:

The worms contained on the 256KB and 1GB USB drives have been identified as W32.Fakerecy and W32.SillyFDC. The worms spread by copying themselves to removable or mapped drives and affect systems running Windows 98, Windows 95, Windows XP, Windows Me, Windows NT and Windows 2000

As the flash drives involved are only used to install optional floppy-disk drives -- itself a very low-volume option, the threat from this slip-up is considered to be low by HP. The recommendation by HP is to have the flash drives checked for potential virus infections using an up-to-date anti-virus software and then scanned.

Obviously, it's no problem if you use an up-to-date anti-virus. However, new servers or workstations needing some sort of installation media to complete a setup might not have anti-virus software installed yet.

Do you make it a habit to manually scan all such media?

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

13 comments
Agent 77
Agent 77

Well I can only say what I think about this whole debacle since I purchased a digital picture frame from somewhere (don't even remember where) and found it infected with some such something. My personal opinion is that there should be some legal liability on the company that sells you, or provides you infected media- ESPECIALLY companies such as HP or other big names. If it happens to me again from a flash drive or any other source when I should be able to place full trust in the source, I will sue them,or at least attempt to because someone has to stand up and say that this is just WRONG!!!

PrinceGaz
PrinceGaz

I always have my AV software set to scan all files used on any inserted media, and if the media was not created by myself, I ensure my AV software has the latest definitions and run a manual scan on it just in case. This should be standard practice with everyone. A compromised machine may not even have working AV software at all, so you must assume all media is potentially carrying a trojan or virus.

alex.a
alex.a

Over the course of my career, I've seen several instances where integrators have built and delivered both servers and workstations with boot-sector viruses preinstalled -- supposedly because the integrator's boot media was infected unbeknownst to them. But I've never heard of viruses infecting the installation media supplied by the manufacturers themselves. Oy veh! Whatever has this world come to?

paulmah
paulmah

New servers or workstations needing some sort of installation media to complete a setup might not have any anti-virus software installed yet. Do you make it a habit to manually scan all such media?

Mond0
Mond0

When the virus is embedded in the firmware of your hardware? OMG, guess who's making the IBM laptops now? Guess who the number one purchaser of IBM laptops is?

Mond0
Mond0

I hate to point fingers, but who thought it was a good idea to outsource things to a Communist country? Did they even discuss this with anyone? Don't we have any checks and balances at the govenment level to prevent this? I'm sure that China thought it was a wonderful opportunity :( Hell, they were probably down right gleeful! PS Someone call BestBuy and ask them who manufacturers their digital picture frames now...

dklandry
dklandry

In the past you didn't have to worry about such concerns but I believe today before you connect anything to a computer it should only be done with an active virus software program that is up to date. When this isn't possible such as in the case of the server scenario then that hardware needs to be checked on a system with that capability. This should become a standardized practice whether the computer is a server, desktop, or laptop. It's also an increase security issue for home users whom many may utilize VPN connections to their company servers now offer another point of attack that has to be monitored. Are we beginning to see problems from these organizations outsourcing their production of products overseas? I fear that this is only the start of a pandemic of issues that hardware manufacturers will face from outsourcing. If the quality control of manufactures that have this issue can't resolve these problems they will rapidly lose customers. What does it say when you can't plug in a storage device or flash memory from a digital camera to a computer system without fear, or at best a sigh of relief when it works without a problem. The burden to prevent this will fall on the end user or IT staff that is already stretched. In many instances the end user has a false sense of confidence because they have problems determining if during the install or connection of a storage device if a virus is attacking or if its a normal part of the installation program. The blame lies solely on the manufacturer quality inspection program, and they should be required to post "caveat emptor" on the product labels!

JCitizen
JCitizen

Or worse yet D.A.R.P.A.?

boxfiddler
boxfiddler

incoming checks, outgoing common sense. What balance?

The Scummy One
The Scummy One

maybe you were infected and didnt know it? In the past blank floppies (new) were infected and the first thing to do was to re-format the floppy disks.

The Scummy One
The Scummy One

Now to address it -- heard of Global Economy? They use this excuse to do lots of stupid things. But yes, I agree with ya both -- this is stupid. However, do not forget that we are dealing with Governments -- common sense and intelligence do not come into play at all.

catseverywhere
catseverywhere

I used to demonstrate a very simple virus that upon inserting a floppy went resident in memory, and was aware of the format command. It didn't hijack the format, but as soon as it was done it rewrote itself to the boot sector by calling a sync. Format, in other words, was/is not always enough.

Editor's Picks