CUPERTINO, Calif. - Aug. 16, 2004 - Symantec Corp. (NASDAQ: SYMC), the global leader in information security, today announced a broader distribution strategy for Symantec ON iPatch with the release of version 1.1, an easy-to-use patch management solution designed to protect an organization's infrastructure from known vulnerabilities. Previously sold in conjunction with Symantec ON iCommand, Symantec's open and scalable configuration management solution for enterprise environments, Symantec ON iPatch will soon be available as an affordable standalone solution for small and medium-sized organizations through Symantec's extensive network of worldwide distributors and resellers.

Symantec ON iPatch provides organizations with the tools to help IT administrators automate the otherwise tedious patch management process. Symantec ON iPatch will quickly and proactively determine the patch status of an organization's computer systems, identify missing Microsoft security patches and automatically install them on individual computers, groups of computers or across the entire organization simultaneously.

"With the number of threats on the increase, and security and software fixes being released more frequently than ever before, the implementation of a reliable patch management solution has become a critical component of an organization's overall lifecycle management plan," said Thom Bailey, director of product management, enterprise administration, Symantec Corporation. "By broadening our distribution strategy for Symantec ON iPatch, Symantec extends the benefits of this easy-to-use and affordable patch management solution to small and medium-sized organizations."

Symantec ON iPatch simplifies and accelerates the patch deployment process by eliminating the need to install an agent on the target computer. In addition to this agentless approach, large organizations, which require a full lifecycle management solution in a highly distributed environment and prefer an agent-based model, may implement Symantec ON iPatch in conjunction with Symantec ON iCommand.

Symantec ON iPatch 1.1 is a critical component in Symantec's strategy to provide solutions that protect the integrity of an organization's information by addressing three key aspects of its infrastructure: security, systems and storage management. Symantec ON iPatch 1.1 features the following capabilities:

• Multiple Scan Options - Symantec ON iPatch includes customizable scan configuration templates that support scanning by IP address, computer name, domain name, Active Directory organizational unit, or files containing IP addresses or computer names. The scan configuration templates provide multiple scanning options that allow IT administrators to scan for missing and/or installed patches.
• Patch Identification - The Symantec ON iPatch engine utilizes an Extensible Markup Language (XML) file that contains information on which patches are available, the files, file versions and checksums in each patch and their locations on the scanned computer.
• Scanning and Deployment Engine - The Symantec ON iPatch scanning and deployment engine identifies the appropriate patch and installation switches for each computer and provides either the installation or rollback parameters necessary to install or remove the patch in a silent and unattended manner. An easy-to-use patch deployment template provides the IT administrator with scheduling, reboot and validation options, including the option of removing temporary installation files. After the scanning process, patches can be deployed manually or automatically according to policies set up by the IT administrator.
• Reporting - The Symantec ON iPatch reporting module supports a wide variety of filtering and export options to generate custom reports. Reports include detailed information on each computer scanned, missing patches and information about each security patch, including the Microsoft Bulletin ID, the Knowledge Base Article (KB Number) and the severity.
• Security - Symantec ON iPatch performs detailed patch analyses and validations to differentiate between legitimate files and trojaned or regressed files. All patches undergo three signature validation checks and once deployed, are stored in a location on the remote computer with tight security permissions. If any of the validation checks fail, the patch will not be deployed.
• Standards-Based Architecture - Symantec ON iPatch leverages industry standards such as the JET and SQL databases for storing patch scan results, XML for accessing the patch information database and Active Directory for accessing user and group information.

Availability
Symantec ON iPatch, based on the award-winning Shavlik HFNetChkPro technology, was licensed through an OEM agreement with Shavlik Technologies as part of Symantec's acquisition of ON Technology earlier this year. Symantec ON iPatch 1.1 is scheduled to be available in mid-August through Symantec's worldwide network of distributors and resellers. For additional product information call (800) 745-6054 or visit http://sea.symantec.com. To obtain licensing information or to locate a reseller, visit http://enterprisesecurity.symantec.com/license on the World Wide Web.

About Symantec
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.

NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.

Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.