CUPERTINO, Calif. - May 18, 2000 - Symantec Corp. (NASDAQ: SYMC) today announced that researchers at the Symantec AntiVirus Research Center have identified VBS.LoveLetter.FW.A a polymorphic variant of the LoveLetter virus with an extremely destructive payload.
Characteristics Of Infection
VBS.LoveLetter.FW.A is an Internet worm that uses Microsoft Outlook to spread itself as an attachment with the subject line ³FW: [attached file name] along with the attachment listed in the subject line.
The virus randomly chooses a recently opened file from the Start/Document folder in the Microsoft Start menu and attaches it to the email as a .vbs file. Each time the virus spreads, it mutates itself to evade detection.
Preliminary findings indicate that the worm sends a mutated version of itself to all addresses in the computer user¹s Outlook address book causing mail servers to clog. Additionally, once the attachment is opened, the virus overwrites numerous files and renders the computer inoperable. This affects both local and network drives, including mapped networked drives where the user has write access rights.
Virus Threat Severity Assessment
VBS.LoveLetter.FW.A is currently classified as a category four alert -- Dangerous threat type that is difficult to contain. The SARC Threat Severity Assessment evaluates computer threats and classifies them into one of five categories, with Category 5 being the most severe, and Category 1 the least severe.
As a first line of defense, SARC recommends administrators filter for emails with a subject line containing the word ³FW² along with an attachment with a .vbs extension.
Symantec AntiVirus Research Center
SARC is one of the industry¹s largest dedicated team of virus experts. With offices located in the United States, Japan, Australia, and the Netherlands, the sun never sets on SARC. The center¹s mission is to provide swift, global responses to computer virus threats, proactively research and develop technologies that eliminate such threats, and educate the public on safe computing practices. As new computer viruses appear, SARC develops identification and detection for these viruses, and provides either a repair or delete operation, thus keeping users protected against the latest virus threats.
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
NOTE TO EDITORS: : If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.
Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.
FORWARD LOOKING STATEMENT: This press release contains forward-looking statements. There are certain important factors that could cause Symantec's future development efforts to differ materially from those anticipated by some of the statements made above. Among these are the anticipation of the growth of certain market segments, the positioning of Symantec's products in those segments, the competitive environment in the software industry, new security threats, dependence on other products, changes to operating systems and product strategy by vendors of operating systems, and the importance of new Symantec products. Additional information concerning those and other factors is contained in the "Risk Factors" section of the company's annual report on Form 10-K for the fiscal year ended April 2, 1999.