Posted on Thursday, May 04 2017 @ 13:36 CEST by Thomas De Maesschalck
These flash drives contain an infected Initialization Tool from IBM for installing Storwize software. IBM says the malicious code gets copied to Windows, Mac and Linux systems as part of the tool's launch process, but claims the files aren't actually executed so it's relatively harmless:
Last week, IBM announced that it had accidentally distributed malware to some of its Storwize customers via a USB drive. The drive contains an Initialization Tool from IBM for installing legitimate Storwize software. Affected models include:If your company received one of the infected USB drives, there may be malware on systems in the %TMP%initTool folder on Windows systems, or the /tmp/initTool folder on Linux and Mac systems. IBM recommends clients to delete this folder, and advises to either destroy the flash drive or wipe the "InitTool" folder from the flash drive and download a new version from its FixCentral.
IBM Storwize V3500 – 2071 models 02A and 10A IBM Storwize V3700 – 2072 models 12C, 24C and 2DC IBM Storwize V5000 – 2077 models 12C and 24C IBM Storwize V5000 – 2078 models 12C and 24C
If your Storwize system serial number starts with 78D2, your system is not affected.
Via: ExtremeTech
