Factory preloaded viruses and who pays for your money

Today CNN is carrying the news that some electronic gadgets come factory preloaded with computer viruses that can “steal passwords, open doors for hackers and make computers spew spam”. These products seem to come from factories in, yes you guessed right, China and “the virus problem appears to come from lax quality control, perhaps a careless worker plugging an infected music player into a factory computer used for testing, rather than organized sabotage by hackers or the Chinese factories”.
While pages can be written about the recurring issue of lack of quality control in certain Chinese factories, the forgotten lack of control by the buyers and the detrimental effect that this stream of cases can have in the Chinese economy and on the retail sector based on very cheap products produced in China, the current and domestic legal issues arising from this piece of news are probably as important. The first and probably obvious issue has to do with the liability of the seller for the quality of the product. There the well know Sale of Goods Act 1979 (as amended), in its section 14 reminds us that

2) Where the seller sells goods in the course of a business, there is an implied
term that the goods supplied under the contract are of satisfactory quality.

(2A) For the purposes of this Act, goods are of satisfactory quality if
they meet the standard that a reasonable person would regard as satisfactory,
taking account of any description of the goods, the price (if relevant) and all
the other relevant circumstances.

(2B) For the purposes of this Act, the
quality of goods includes their state and condition and the following (among
others) are in appropriate cases aspects of the quality of goods—

(a)
fitness for all the purposes for which goods of the kind in question are
commonly supplied,
(b) appearance and finish,
(c) freedom from minor
defects,
(d) safety, and
(e) durability.

It seems quite obvious that a virus-preloaded gadget will not meet the standard that a reasonable person would regard as satisfactory and that having a password stealing virus represents a lack of freedom from minor defects and in some cases can compromise the safety of the product, among others (and in the US this situation would mean that the product could/should be found to not be of merchantable quality, as established by the Uniform Commercial Code § 2-314). But this situation would only entitle the buyer to cancel the contract for breach of a condition or to get a new product and the preloaded virus may have already compromised your financial information and or other type of private data. Who would be liable then? Can we apply St Albans v ICL to establish that the seller is also liable for the damages causes by its breach of the implied terms? And if the virus starts spamming others as to make you liable to a third party, can you rely in Antiquesportfolio.com PLC v Rodney Fitch Company Limited, so the provider is liable to you for infringing third parties rights?
In the US would be probably possible to go up the stream of commerce and find tortious liability on the manufacturer for losses arising from the virus, but I think that some basics of tort can help in England too. The old and not ageing Donoghue v Stevenson is usually remembered by Lord Atkin’s dicta and his definition of neighbourhood, but its ratio, also delivered by Lord Atkin, was that

[A] manufacturer of products, which he sells in such a form
as to show that he intends them to reach the ultimate consumer in the form in
which they left him with no reasonable possibility of intermediate examination,
and with the knowledge that the absence of reasonable care in the preparation or
putting up of the products will result in an injury to the consumer’s life or
property, owes a duty to the consumer to take that reasonable care.

A far more recent Court of Appeals case, Pearson Education Ltd v The Charter Partnership Ltd, (2007) seems to tell us that the tortious liability will subsist when the defect is latent after some form of inspection…so, Apple, TomTom and others, brace yourselves for a potentially litigious time…