Cisco CD-ROMs send users to malware site

Cisco has warned that CD-ROM guides with warranty information sent to users may, when inserted, send those users to a site infected with malware. Affected warranty CD-ROMs were shipped to customers of the network equipment company between December 2010 and August 2011. When placed in a system with autorun enabled, or opened on systems with autorun disabled, the web browser would be launched and would automatically navigate to an unnamed third-party site. The affected CDs (and the part numbers) are:

• Cisco 1-Year Limited Hardware Warranty Terms (80-8937-01D0, 80-8937-01E0)
• Cisco Limited 5-Year Hardware and 1-Year Software Warranty Terms (80-8938-01D0, 80-8938-01E0)
• Cisco 90-Day Limited Hardware Warranty Terms (80-8939-01D0, 80-8939-01E0)
• Cisco Information Packet - Cisco Limited Warranty, Disclaimer of Warranty, End User License Agreement, and US FCC Notice (80-8940-01D0, 80-8940-01E0)
• Cisco Limited Lifetime Hardware Warranty Terms (80-8941-01D0, 80-8941-01E0)
• End User License Agreement (80-8943-01D0, 80-8943-01E0)

Cisco says it is not aware of any cases where a customer has been infected through use of the CD-ROMs and notes that the third-party site in question is "currently inactive as a malware repository". Cisco says that this status could change and that this could put customers at risk again. It has now corrected the problem and offers clean ISO images of the CD-ROMs which customers can burn to replace their current CDs. CD-ROMs delivered in August are no longer affected and Cisco will be printing a revision number on future discs; revision F0 or higher will be the cleaned version.

(djwm)