Dell warns of malware on motherboards

Filed Under: Data loss, Malware

Dell PowerEdge
Updated Dell has published a warning on its support forum that some of its server motherboards are infected with Windows malware.

The admission, posted in response to a customer who wished to confirm that a telephone call he had received from a Dell representative was genuine, confirmed that "a small number of PowerEdge server motherboards" may contain spyware in its embedded server management firmware.

Statement on Dell motherboard malware

Dell says that it has created a list of affected customers, and that they are formally notifying them of the security problem via letter.

Unfortunately, as The Register points out, no specifics are offered as to which malware has infected the motherboards, or what it does.

Even though it is believed that the malware only affects Windows-based operating systems, this is still embarrassing for Dell - and questions will be asked as to whether stringent enough quality control measures were in place to prevent unauthorised code from shipping with their hardware.

Update Since I posted the above article, Dell has now published further information on the incident. Apparently the malware concerned was a common version of the "Win32.Spybot" family that any decent anti-virus product should be able to detect, and the infection was found on the motherboard's flash storage not its firmware.


You might like

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley