Press Release

LinkedIn Facebook Twitter RSS

Symantec First to Provide Comprehensive Solution to Combat Latest Integrated Threat -- CODERED

Integrated, Targeted Cybercrimes That Require Global 24/7 Multi-Tiered Anti-Virus, Vulnerability Assessment and Intrusion Detection Protection are on the Rise

CUPERTINO, Calif. - July 20, 2001- Symantec Corp., a world leader in Internet security, today announced the first comprehensive solution to combat the CodeRed computer worm that exploits a known vulnerability (buffer overflow) in Microsoft’s Index Server. Using a known vulnerability, CodeRed unleashes a worm that launches a denial-of-service attack and defaces Web sites. It also implements traditional worm payload activities such as replicating to infect as many systems as possible. Visit for detailed information on the worm.

"More and more predators are leveraging virus and hacking techniques to break into PCs or to shut down Web sites – techniques such as those used in the unsuccessful denial-of-service attacked on the White House Web site yesterday," said Rob Clyde, vice president and CTO of Symantec. "Since attacks are becoming more sophisticated and targeted, corporations need to be using solutions that protect network systems at all points of entry. Consumers are also vulnerable to such attacks and should ensure their home computer systems are updated with the latest security solutions."\

Symantec is the only Internet security solutions provider to offer comprehensive global 24/7 protection against integrated threats, including the CodeRed attack:

  • Enterprise Security Manager —Symantec's policy compliance and vulnerability management system, helps manage security patch update functions. Two patch templates are available that detect the underlying vulnerability on Windows NT 4.0 and Windows 2000 servers.
  • NetProwler – Symantec's network-based intrusion detection tool, with Security Update 8 installed, is capable of detecting attempts to attack IIS 4.0 and 5.0 servers through this vulnerability.
  • NetRecon – Symantec’s network vulnerability assessment tool will be updated to detect if this vulnerability exists on a system and if so will provide recommendations on how to fix it.
  • Symantec Enterprise Firewall (Raptor Firewall) – Symantec's application inspection firewall, by default, blocks suspect outbound data traffic from web servers, like IIS, when operating on the firewall's service network, thereby stopping the propagation of this, as well as other types of attacks.
  • Free "FixCodeRed" Assessment Tool – For users who do not have any of the above products, this special tool, available from, detects the presence of the worm on an NT system.
  • Symantec Security Check – This service,, has been updated to scan if a system is vulnerable to this exploit.
  • Norton Internet Security – Symantec’s integrated security and privacy suite for consumers is updated by a new rule to block suspect outbound data traffic from the IIS server.

About Symantec
Symantec, a world leader in Internet security technology, provides a broad range of content and network security solutions to individuals and enterprises. The company is a leading provider of virus protection, firewall and virtual private network, vulnerability management, intrusion detection, Internet content and e-mail filtering, remote management technologies and security services to enterprises around the world. Symantec's Norton brand of consumer security products leads the market in worldwide retail sales and industry awards. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 37 countries. For more information, please visit

NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, AXENT, AXENT Technologies, and the AXENT logo are trademarks or registered trademarks, in the United States and certain other countries, of Symantec Corporation or its subsidiaries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

FORWARD LOOKING STATEMENT:This press release contains forward-looking statements that involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to differ materially from results expressed or implied by this press release. Such risk factors include, among others: the risks that current global adverse economic conditions and reduced spending will continue or worsen; currency exchange fluctuations will adversely affect our results; the continuing integration of the Symantec and AXENT will not be successful; the difficulty of developing and marketing products that compete effectively with others and other economic, business, competitive and/or regulatory factors affecting Symantec's business generally. Actual results may differ materially from those contained in the forward-looking statements in this press release. Additional information concerning these and other risk factors is contained in the Risk Factors sections of the Company's previously filed Form 10-K for the year ending March 30, 2001.