HP ProCurve switch shipped with malware

The maker of expensive printer ink, HP, has admitted that its ProCurve 5400 zl switches shipped with flash cards that may be infected with malware.

Of course this saves network managers loads of time having to go to the internet to download the malware themselves, but for some reason not everyone thinks this is a good idea.

HP warned that using one of the infected compact flash cards in question could result in the system being compromised.

The company is not saying what type of malware may be on the infected flash cards, nor how much damage might result if the PC is infected.

According to SecurityWeek, the threat exists on HP 5400 zl series switches purchased after 30 April, 2011.

The vulnerability can be fixed via a “Software Purge Option” or a hardware replacement. HP has a script that will delete malicious files and the directory in question without causing any switch downtime.

HP will send a replacement Management Module to customers who have 5400 zl switches that are not on their network.

The HP 5400 zl Switch Series has intelligent switches in the HP modular chassis product line which includes 6-slot and 12-slot chassis and associated zl modules and bundles.