Dell is warning customers that “a small number” of its server motherboards may contain malicious software.
“The potential issue involves a small number of PowerEdge server motherboards sent out through service dispatches that may contain malware,” according to post on a Dell support forum. “This malware code has been detected on the embedded server management firmware.”
The malware issue affects a limited number of replacement motherboards in four servers, the PowerEdge R310, PowerEdge R410, PowerEdge R510 and PowerEdge T410 models, wrote Forrest Norrod, vice president and general manager of server platforms at Dell, in an e-mail.
It only potentially manifests itself when a customer has a specific configuration and is not running current antivirus software, Norrod wrote.
“Dell is aware of the issue and is contacting affected customers. This issue does not affect systems as shipped from our factory and is limited to replacement parts only. Dell has removed all impacted motherboards from its service supply chain and new shipping replacement stock does not contain the malware,” Norrod wrote.
Norrod did not provide further details on the malware, how it affects servers and potential ways to fix it, but said further details will be posted soon at Dell's website.
Dell's response came after a customer wrote about being contacted by a service technician trying to schedule an appointment to cleanse a server of malware.
Dell said that it did not believe the issue would impact its customers. “To date we have received no customer reports related to data security,” according to the post.
Non-Windows OSes are not affected, and the malware is not present on the new motherboards shipped with PowerEdge systems, Dell said.
The company said it has assembled a customer list and is contacting customers through letters.