Symantec’s Enterprise Security Manager First and Only Solution to Protect Against the Four Most Common Microsoft NT Vulnerabilities Used in Recent Eastern European Hack Attacks

CUPERTINO, Calif.–(BUSINESS WIRE)–March 14, 2001–Symantec Corporation (Nasdaq:SYMC) today announced its award-winning vulnerability assessment solution Enterprise Security Manager (ESM) detects and protects against the four most common Microsoft NT vulnerabilities. These vulnerabilities recently allowed Eastern European hacking groups to exploit top e-commerce sites in the largest series of hacks to date.

“The two most common methods used to break into systems are exploiting unpatched operating system holes and cracking weak passwords. These latest attacks are obvious examples of the first case,” said Rob Clyde, vice president and chief technologist for Symantec’s Enterprise Solutions Division. “Eighty percent of attacks could be prevented if sites made sure they kept their patches up to date and their passwords were not easily guessed. ESM ensures sites are protected against both of these threats and Symantec has tremendous resources behind it to keep ahead of the latest vulnerabilities, ensuring our customers have the most current protection available.”

According to the SANS Institute, a leading security research organization, these recent attacks have compromised 40 sites in 20 states, and hackers have stolen more than a million credit cards. The resurgence in hacks exploiting these vulnerabilities prompted the National Infrastructure Protection Center (NIPC) to re-issue an advisory concerning illegal hacker activity on U.S. e-commerce, and e-banking systems. These hacks are under investigation by the FBI and Special Services. The full advisory can be viewed at http://www.nipc.gov/warnings/advisories/2001/01-003.htm.

Attackers are infiltrating the targeted sites and gaining access to customer databases, credit card databases, and company proprietary information. They are using this information to extort money from the affected companies and in some cases, being sold to organized crime groups. These attacks are actively exploiting vulnerabilities that have been widely known, in some cases, for over a year. All of the exploited vulnerabilities have security patches readily available.

Symantec Enterprise Solutions

Symantec customers worldwide utilize the award-winning ESM solution to automatically check, manage and enforce sound security practices across the enterprise, including workstations, file servers, Web servers, and other key Internet access points worldwide. Symantec has developed new ESM patch and registry templates, available now to more specifically identify all four vulnerabilities at the host level. These templates integrate directly into ESM and can be downloaded from http://www.symantec.com/avcenter/sirc/ecommerce.vulnerabilities.html. Additionally, hot fixes can be downloaded directly from Microsoft’s TechNet Security page, http://www.microsoft.com/technet/security/nipc.asp.

Through ESM’s sophisticated file monitoring and host-based assessment capabilities, customers can proactively manage and detect these and many other threats as part of a comprehensive security policy. ESM’s startup files module detects running services in violation of an organization’s security policy, and the password strength module detects inadequate passwords. The file watch and file attributes modules of ESM track changes and security settings in critical files that are exploited in the majority of Internet attacks to enable the customer to quickly respond and rectify potential security threats. Only ESM’s scalability and automation let organizations easily assess thousands of systems for security compliance, including the most recent security patches and configurations for popular operating systems.

Symantec Enterprise Security

ESM is key components of Symantec Enterprise Security that provides corporations with a comprehensive and modular Internet security solution. The solution allows customers to manage the complete security lifecycle of their computing environment from assessment and planning to implementation and monitoring.

Symantec Enterprise Security enables customers to build the best security solution for their organization by choosing from Symantec’s best-of-breed, multi-platform Internet security products; manageability and administration tools; and world-class professional services and support. Symantec Enterprise Security also includes the Digital Immune System, Symantec’s unique technology for automatic detection and cure of security threats.

About Symantec

Symantec, a world leader in Internet security technology, provides a broad range of content and network security solutions to individuals and enterprises. The company is a leading provider of virus protection, vulnerability assessment, intrusion prevention, Internet content and e-mail filtering, remote management technologies and security services to enterprises around the world. Symantec’s Norton brand of consumer security products leads the market in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 36 countries. For more information, please visit our Web site at www.symantec.com.