Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: InfoSec Handlers Diary Blog - Dell PowerEdge R410 replacement motherboard firmware contains malware InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Dell PowerEdge R410 replacement motherboard firmware contains malware

Published: 2010-07-21
Last Updated: 2011-01-30 04:29:54 UTC
by Adrien de Beaupre (Version: 1)
1 comment(s)

A Dell support forum post confirms that PowerEdge R410 replacement motherboards contain malware. The posting is here en.community.dell.com/support-forums/servers/f/956/t/19339458.aspx. The embedded server management firmware in some motherboards contain the malicious code. The issue is not present on new servers and does not impact non-Windows based servers. No further information on the malware itself, mitigation techniques, the specific motherboards affected, nor the method of the original infection are yet available. Dell is sending snail mail and calling affected customers. Thanks Geoff and one other reader for bringing this to our attention!

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

1 comment(s)
Diary Archives