As if users didn't have enough burdens already dealing with malware-riddled websites and software, HP has warned that it has accidentally been flogging USB flash drives pre-infected with malware. Dubbed the HP USB floppy drive key, they are intended for use with HP's ProLiant line of servers to install optional floppy disk drives – a very low volume option itself – and thus the threat from this blunder is considered to be low by HP.
However, since these are otherwise perfectly normal flash memory sticks, they can also be used by other computers. The worms contained on the USB drives have been identified as W32.Fakerecy and W32.SillyFDC, which spread by copying themselves to removable or mapped drives and could allow an attacker to compromise an infected system running Windows 98, Windows 95, Windows XP, Windows Me, Windows NT and Windows 2000. Users are advised to disable the default autorun settings and make sure that virus protection is active and up-to-date.