Looks like a Boojum to me (and it IS -- see Reuters article below --
thanks Kathy)
It's certainly not from Microsoft --> theirs would be a microsoft.com
addy, AND, besides, Microsoft makes YOU go get the updates, they don't
email 'em.

Caveat user -- and a pox on those damnable virus & worm programmers.....

=grrrrr=

On Mon, 19 May 2003 17:06:31 -0700 (PDT) Michael Nellis
 writes:
> Hi, folks.
> 
> --- MS Security Division  wrote:
> 
> > this is the latest version of security update, the
> > "May 2003, Cumulative Patch" update which eliminates all
> > known security vulnerabilities affecting Internet Explorer,
> 
> Yeah, so I'm kind of curious about the file attached to this 
> message
> so I select the Yahoo SCAN FILE option and the Norton checker tells
> me there is virus in the file.  Does anybody know anything about 
> this?
> 
> =====
> Did you ever hear anyone say, "That work had better be 
> banned because I might read it and it might be very 
> damaging to me"? --Joseph Henry Jackson
> 
> From the Lair of Fang-Face DreamWeaver
> and The Encyclopedia Michael Nellis
> http://www.angelfire.com/scifi/dreamweaver/index.html
> 
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
> http://search.yahoo.com
> 
> 


====
Technology - Reuters

Internet Worm Disguised as E-Mail from Microsoft
Mon May 19, 3:09 PM ET  Add Technology - Reuters to My Yahoo!



SAN FRANCISCO (Reuters) - A new computer worm that disguises itself as an
e-mail from Microsoft Corp. is spreading, computer security firms warned
on
Monday.

The e-mail containing the worm, dubbed Palyh or Mankx, appears to come
from
support{at}microsoft.com, but is not from the software company.

When the attachment is opened, the worm copies itself to the Windows
folder,
scoops up e-mail addresses from the hard disk and starts sending itself
out,
said U.K-based Sophos.

The malicious program can spread itself to other Windows machines on a
local
area network, anti-virus vendors said.

It also can secretly install spyware programs, according to Moscow-based
Kaspersky Labs in a news release.

However, Christ Belthoff, a senior product manager at Sophos, said his
firm
has found no evidence that it installs spyware, or a program that
eavesdrops
on computer users.

"This is not a widespread outbreak," he added.

The worm is programmed to expire automatically on May 30, according to
Symantec Corp.
It began spreading on Saturday and has apparently infected computers in
69
countries, according to MessageLabs.

A Microsoft spokesman said the company never sends out unsolicited mass
e-mails with attachments.

--- Rachel's Little NET2FIDO Gate v 0.9.9.8 Alpha