back to article Cisco warns over warranty discs of EVIL

Networking giant Cisco has warned customers that a CD-ROM it supplied with its kit automatically took users to a site that was a known malware repository. The affected CDs, designed to supply warranty information, were supplied to customers between December 2010 and August 2011. When the disc was opened, or if autorun was …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Devil

    I wonder...

    ...if it took so long to notice because most of the Cisco warranty/product safety/regulatory compliance docs go straight in the bin? The same probably applies to other vendors as well.

    Might check the next CD I get to see if the warranty document on the CD actually says "I've been sitting her for six months and all I have written is this. It's not like anyone will ever check...."

  2. Ru
    Alert

    "Malicious suppository"

    Bloody hell. Should we be more worried that Cisco are supplting legitimate suppositories to their customers?

  3. Eduard Coli
    FAIL

    No surprises

    Clever Chinese espionage or cruddy Indian programming, Cisco has not been the same since they tried to turn themselves into a services reseller.

  4. Daniel Gould
    Facepalm

    Tell us the URL then

    so we can add it to our proxy block lists!! Or would that just be inviting trouble??

  5. Robert E A Harvey
    WTF?

    Autorun?

    I really hope someone doing disaster recovery on Cisco gear has atorun disabled

    1. Hardcastle the ancient
      WTF?

      WTF?

      Someone downvoted this?

      Someone actually thinks IT professionals should have Autorun ON?

      I've noticed a lot of weird downvoting lately. What is going on?

      1. Stoneshop Silver badge
        Headmaster

        @Hardcastle the ancient

        Downvoted? Perhaps because one doesn't normally restore Cisco firmware or default configs from *warranty info* disks. In other words, it's likely been downvoted for lack of reading comprehension.

    2. Anonymous Coward
      Devil

      That is not part of the CCXX curriculum

      1. That is not part of the CCXX curriculum

      2. The fact that any piece of Cisco gear still leaves the factory in a state where you need a "bare" windows machine with telnet or terminal and nothing else to configure it and you do not need to know kit serial numbers and factory passwords (not even an initial pre-set serial no==password) says it all. To be more exact it does not say it all about Cisco security (some fine people working there), but about the expectations to/from the hordes of CCXX certified personnel.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019