Networking giant Cisco has warned customers that a CD-ROM it supplied with its kit automatically took users to a site that was a known malware repository. The affected CDs, designed to supply warranty information, were supplied to customers between December 2010 and August 2011. When the disc was opened, or if autorun was …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Friday 5th August 2011 15:39 GMT Anonymous Coward

I wonder...

...if it took so long to notice because most of the Cisco warranty/product safety/regulatory compliance docs go straight in the bin? The same probably applies to other vendors as well.

Might check the next CD I get to see if the warranty document on the CD actually says "I've been sitting her for six months and all I have written is this. It's not like anyone will ever check...."

4 0
Friday 5th August 2011 15:39 GMT Ru

"Malicious suppository"

Bloody hell. Should we be more worried that Cisco are supplting legitimate suppositories to their customers?

0 0
Friday 5th August 2011 18:24 GMT Eduard Coli

No surprises

Clever Chinese espionage or cruddy Indian programming, Cisco has not been the same since they tried to turn themselves into a services reseller.

1 0
Friday 5th August 2011 18:41 GMT Daniel Gould

Tell us the URL then

so we can add it to our proxy block lists!! Or would that just be inviting trouble??

3 0
Saturday 6th August 2011 00:06 GMT Robert E A Harvey

Autorun?

I really hope someone doing disaster recovery on Cisco gear has atorun disabled

5 1
1. Monday 8th August 2011 08:45 GMT Hardcastle the ancient
  
  WTF?
  
  Someone downvoted this?
  
  Someone actually thinks IT professionals should have Autorun ON?
  
  I've noticed a lot of weird downvoting lately. What is going on?
  
  1 1
  1. Monday 8th August 2011 17:02 GMT Stoneshop
    
    @Hardcastle the ancient
    
    Downvoted? Perhaps because one doesn't normally restore Cisco firmware or default configs from *warranty info* disks. In other words, it's likely been downvoted for lack of reading comprehension.
    
    0 0
2. Monday 8th August 2011 08:47 GMT Anonymous Coward
  
  That is not part of the CCXX curriculum
  
  1. That is not part of the CCXX curriculum
  
  2. The fact that any piece of Cisco gear still leaves the factory in a state where you need a "bare" windows machine with telnet or terminal and nothing else to configure it and you do not need to know kit serial numbers and factory passwords (not even an initial pre-set serial no==password) says it all. To be more exact it does not say it all about Cisco security (some fine people working there), but about the expectations to/from the hordes of CCXX certified personnel.
  
  0 0