Re: Security is Job One at Microsoft
"Of course opening documents from unknown sources is a security risk."
OK, let me ask a rhetorical question here: Why should opening a document (from whatever source, in whatever format) be a security risk? Isn't it rather that using certain applications is a security risk?
A software vulnerability is, without exception, a software malfunction (a.k.a. bug.) By telling users to be "careful where that document comes from", "not 'open' emails from unknown sources", "not click on links to unknown sites", you're putting the blame for malfunctioning software on the user instead of the creator/publisher/vendor of the software – "we told you to be careful." But that appears to be generally accepted now.
And if anybody wants me to rant a bit more, ask me about why software companies can shed all liability for their software with the inclusion of a single paragraph in their small print.