In yet another case of infected media being sent out direct from a manufacturer, HP's software security response team has issued a warning on this to AusCERT earlier this week. Affected were some USB flash drives with installation files for a range of Proliant servers. Apparently, they are infected with worms that could allow an attacker to compromise an infected system.
A list of the affected servers has been provided to the security response organization.
The worms contained on the 256KB and 1GB USB drives have been identified as W32.Fakerecy and W32.SillyFDC. The worms spread by copying themselves to removable or mapped drives and affect systems running Windows 98, Windows 95, Windows XP, Windows Me, Windows NT and Windows 2000
As the flash drives involved are only used to install optional floppy-disk drives — itself a very low-volume option, the threat from this slip-up is considered to be low by HP. The recommendation by HP is to have the flash drives checked for potential virus infections using an up-to-date anti-virus software and then scanned.
Obviously, it's no problem if you use an up-to-date anti-virus. However, new servers or workstations needing some sort of installation media to complete a setup might not have anti-virus software installed yet.
Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.