HP has issued a security notice after USB keys shipped with some of its ProLiant servers were found to have been infected with viruses.
The keys, which come in 256MB and 1GB varieties, are used to help configure the servers on installation.
"A potential security vulnerability has been identified with two types of optional HP USB Floppy Drive Keys intended for use with certain ProLiant servers," reads the advisory.
"This vulnerability could cause a local 'W32.Fakerecy' or 'W32.SillyFDC' virus infection."
The W32.Fakerecy is written primarily for removable drives and was first reported last year. W32.SillyFDC is also adapted for removable drives but can also be used to download more malicious files onto an infected machine.
"This is a worrying security lapse, especially as it comes from a major global brand with huge resources," said John Hawes, technical consultant at Virus Bulletin.
"Production and release procedures at all serious companies should be locked down tight to prevent this kind of thing – if we can't trust the big boys to keep their systems clean, who can we trust?"
It is not known whether the malware got on the drives as part of a targeted attack against HP’s products or if it was accidentally introduced due to problems on the manufacturer's side with infected machines.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago