Infection Bearing Flash Cards Accompanying HP Switches Inadvertently Distributed
Hewlett-Packard said that it was unknowingly marketing network switches it manufactured along with flash cards, which had malicious software, recently. Zdnet.com published this on April 12, 2012.
The company released one security advisory according to which, it spotted potential security flaw within its switches of ProCurve 5400 zl series, which consumers bought after April 30, 2011.
Actually, there is one precision flash card in the switches that keeps its configuration files and boot software. HP states that whereas the malicious virus didn't itself affect the switches, the removal of the card and its access via the PC potentially contaminated that machine.
The problem can, however, be resolved if end-users remove the malware with the help of a script utilized in the context of the Hewlett Packard switch manager that according to the company, won't interrupt the switch's operations. Basically, the script erases the card's content devoid of eliminating the card itself while potentially make the affected PC vulnerable to infection. The other way is to replace the management software, HP advises.
Intriguingly, the sort of problems in discussion occurs only occasionally though not for the first time. Also, they actually result in considerable problems whilst one especially forcefully proliferating alternatively highly damaging piece of malicious software plays into action. An example of this is the FunLove worm that contaminated Dell computers during their manufacturing process back during 1999. A similar thing happened with HP when it shipped printer drivers having the malicious FunLove following the uploading of malware-laced files onto its online site way back during 2001.
In the meantime, the latest occurrence resembles one instance from 2008 whilst HP Australia alerted of non-compulsory Universal Serial Bus (USB) sticks that were distributed with the company's ProLiant servers whilst carrying a malware infection. Numerous 1GB and 256MB USB sticks were distributed accompanying the servers when they contained not so dangerous malware such as SillyFDC and Fakerecy.
Consequently, the bottom line: manufacturers must diligently and properly do to avoid the problems. Also, such problems must be dealt with in time since they may otherwise ruin the market reputation of a product company.
Related article: Infection in Chinese Security Website
» SPAMfighter News - 19-04-2012