Pulling up the web page reveals the right html. If not the webserver itself perhaps the content owner fubared their machine. Joshua Jore Minneapolis Ward 3, precinct 10 ---------- Forwarded message ---------- Date: Wed, 19 Sep 2001 16:54:46 -0500 From: jjore at imation.com To: josh at greentechnologist.org Subject: Please tell me I'm wrong: microsoft.com infected ----- Forwarded by Joshua b. Jore/IT/Imation on 09/19/01 05:00 PM ----- "Steve Cody" <security at gulbrandsen.com> 09/19/01 02:37 PM To: <incidents at securityfocus.com> cc: Subject: Please tell me I'm wrong: microsoft.com infected I just went to http://www.microsoft.com/frontpage, and my Symantec Norton Antivirus popped up and denied access to readme.eml. I could not view the source of the loaded page, so I can't verify that it is definitely infected. Steve ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com