Energizer Holdings, Inc. on Friday said that it had been notified by the U.S.-CERT Coordination Center that Windows software it had been offering for download contained a vulnerability.

The company said that the software, designed to complement its DUO USB battery charger by allowing users to view battery power levels on a connected computer, has been removed from Energizer's Web site and that the company has discontinued the sale of the charger.

Unlike past incidents in which malware has been distributed with a consumer product, like the infected digital picture frames sold by Best Buy in early 2008, the Energizer DUO USB battery charger does not ship with infected software.

Instead, the product's manual directs users to download the malware from Energizer's Web site.

"Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software," the company said in a statement.

Full story: InformationWeek