Dell replacement motherboards contained malware - Update
In a post on its support forums, Dell has confirmed that several models of its replacement server motherboards were infected with the W32.Spybot.Worm. According to Dell, only "a small number of the replacement motherboards" sent out to customers via its service and replacement process contained the malware. The company says that only PowerEdge R310, R410, R510 and T410 replacement boards are affected, adding that "the maximum potential exposure is less than 1%".
In its testing, the computer manufacturer said that the worm was found to have taken root inside of the flash storage of the replacement boards, specifically noting that it does not reside in the firmware. Additionally, the worm only affected customers running Microsoft's Windows operating system and reportedly, units with the iDRAC Express or iDRAC Enterprise card installed cannot be affected. Dell has contacted all affected customers by the phone and offered the services of a technician to help remove the malware from affected Windows installations. New replacement stock does not contain the malware.
Update: According to The Register, Dell has confirmed that human error was to blame for the infection of replacement server motherboards with malware. While the company has yet to say exactly how the boards were infected, it has said that 16 steps had been taken to improve the security process.