Symantec First to Provide Immediate Cure for Back Orifice 2000 Trojan Horse
Updated Definition Set Available Now Via LiveUpdate, Symantec Web Site
Cupertino, Calif. July 12, 1999 - Symantec Corporation
(NASDAQ: SYMC) today announced that the researchers at the Symantec AntiVirus
Research Center (SARC) have analyzed and posted a virus definition set to protect
against the Back Orifice 2000 Trojan Horse. This virus definition set is
available now and users of Norton AntiVirus can download the current virus
definition set through LiveUpdate or from the Symantec Web site at
"With the increased connectivity of the Web, malicious programs like Back Orifice
2000 are more of a threat to users than ever," said Enrique Salem, vice president
of Symantec's Security and Assistance Business Unit. "The continual introduction
of new security threats underscores the importance of using an anti-virus
solution backed by innovative technology and a world-class team of dedicated
The Back Orifice 2000 Trojan Horse is a malicious program that was released
Saturday at the DefCon VII computer show in Las Vegas. This program can be used
by hackers to compromise the information and integrity of Windows-based computer
systems. While the initial version of the code was targeted to Windows 95/98
only, Back Orifice 2000 works on Window NT as well.
After its release on Saturday, Back Orifice 2000 will be widely available on the
Web. In addition, the authors of Back Orifice 2000 have made its source code
open to the public, which increased the likelihood that variants of the code will
follow. In order to protect against Back Orifice 2000 and potential variants,
SARC researchers have updated the Norton AntiVirus definitions to detect both the
original Back Orifice 2000 as well as new or unknown variants.
Back Orifice 2000, which may be sent as an e-mail attachment to an unsuspecting
user, manually installed on a computer, or secretly hidden in programs on the
Internet, is a tool consisting of two main pieces: a client application and a
server application. The client application, running on one machine, can be used
to monitor and control a target machine running the server application. The
client can then perform various operations that might compromise the security of
the targeted computer, such as execute any application on the target machine; log
keystrokes from the target machine, restart or lock up the target machine; view
the contents of any file on the target machine; transfer files to and from the
target machine; and display the screen saver password of the current user of the
Symantec AntiVirus Research Center (SARC)
SARC is the industry's largest dedicated team of virus experts. With offices
located in the United States, Japan, Australia, and the Netherlands, the sun
never sets on SARC. The center's mission is to provide swift, global responses to
computer virus threats, proactively research and develop technologies that
eliminate such threats, and educate the public on safe computing practices. As
new computer viruses appear, SARC develops identification and detection for these
viruses, and provides either a repair or delete operation, thus keeping users
protected against the latest virus threats.
Symantec is the world leader in utility software for business and personal computing. Symantec products
and solutions help make users productive and keep their computers safe and reliable anywhere and anytime.
Symantec offers a broad range of solutions and is acclaimed as a leader in both customer satisfaction and
product brand recognition. Symantec is traded on Nasdaq under the symbol SYMC. More information on the
company and its products can be obtained at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products,
view the Symantec Press Center at www.symantec.com/PressCenter/ on Symantec's Website.
Brands and products referenced herein are the trademarks or registered trademarks of their
respective holders. All prices noted are in US dollars and are valid only in the United States.