Battery Chargers and Trojans, Oh My!

Energizer recently confirmed the existence of a vulnerability in the charging status software provided with their Duo Charger. The software was found to contain a back door called "Arucer.dll", which is a remote access Trojan. This trojan is set to autorun, and on will request a firewall exception when it runs.

US-CERT provides full detail, including removal and cleanup information.

This is another great reason to periodically run a report of the firewall exceptions allowed in your organization (using SMS or another tool), if they're allowed at all.