Malware shipped with HP switches

By

Dirty flash cards could infect computers.

HP has issued a warning to customers after it shipped a string of ProCurve 5400 zl switches with malware-infected compact flash cards.

Malware shipped with HP switches

The infected cards did not pose problems for the switch itself.

HP issued a security advisory that the malware was only a risk if the storage card was removed from the switch and reused in a different device, such as a personal computer.

According to HP, the flash card is the "primary non-volatile storage medium located on the [switch's] management module that contains both the boot software and configuration files".

It is removable, for example, in the event that the card fails.

The gaffe, first reported by The Register, affected HP ProCurve 5400 zl switches that were purchased after April 30 last year.

Users can purge the malware by running a script used on the HP switch manager which the company said will not disrupt operations of the switch. Alternatively the management module can be replaced.

A list of vulnerable models was available on the advisory.

In 2008, AusCERT warned that low-risk malware was shipped on USB drives by HP Australia for its ProLiant servers.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
hpmalwarenetworkingsecurity

Sponsored Whitepapers

What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape
Transform IT Service Delivery with Freshworks ITSM
Transform IT Service Delivery with Freshworks ITSM
Digital Transformation That Works in the Real World
Digital Transformation That Works in the Real World
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security

Events

Most Read Articles

University of Melbourne reprimanded for using wi-fi data to identify protesters

University of Melbourne reprimanded for using wi-fi data to identify protesters
NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul
Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage
Defence picks Lockheed Martin for mammoth compute deal

Defence picks Lockheed Martin for mammoth compute deal
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?