Security is Important at Microsoft. Yeah, Right!

Q: How important is an awareness of security issues if you want to work at Microsoft?
A: See below

N.B. This is a completely unsolicited email. Simply a cold-call on account of some database technology keywords in my resume. I had never had contact with the sender before.

From: Jxxxxxxx Ixxxxxx (xxxxx xxxxxxxx)
Sent: Monday, April 12, 2004 3:24 PM
To: Jeff Evarts (xxxxxxxxx@earthlink.net)
Subject: Jeff Evarts - Microsoft Phone Interview
Importance: High

RE: Jeff Evarts-Opportunities at Microsoft! [dc]

Hi Jeff-

I'm a recruiter for the SQL Server team at Microsoft in Redmond,
Washington. I am interested in scheduling a telephone interview with
you for our team to learn more about your background, interests and
work experience.  We have a number of job opportunities available. All
of the positions that we recruit for are located in Redmond. If you
are interested, our senior technical recruiter, Dxxxxx Cxxxxx, has the
following time available to speak with you:

Monday, April19 at 12:30pm PDT

I would appreciate your time to answer the attached questions to
assist me in identifying roles that would be an appropriate match for
your current skill set and interests. This should take 10-15 minutes
of your time to complete. Please also forward me a current copy of
your resume.

I will be following up with you after reviewing your pre-interview
questionnaire.

Best Regards,: 

Jxxxxxxx Ixxxxxx

Microsoft Recruiting

x-xxxxvx@microsoft.com

http://www.microsoft.com/careers

-----------------------------------ATTACHMENT----------------------------------

                                           Name: local email interview
                                                 form DC.doc
                                           Type: Microsoft Word
   local email interview form DC.doc             Document
                                                 (application/msword)
                                       Encoding: base64
                                    Description: local email interview

I did confirm that this was a legitimate email. This is an "official" attempt at a contact from Microsoft.

If you don't see anything odd, well...

The .doc in question (downloaded on OpenBSD as a file and examined) contains scripting elements, just as most forms do. So opening this attachment would bring up the "warning: this has scripting blah blah blah" message, along with an "OK" or "Cancel".

Apparently Microsoft is actively seeking people who would not only open an attachment on an unsolicited email from someone they've never had contact with before, but also someone who would click past the potential warning messages in order to open it.

Tell us more about your new focus on security issues, Microsoft.

-Jeff

Back to Jeff's Humor Page