

Malicious PDFs: How to Protect Yourself - themindhack
http://securitybits.net/malicious-pdf-how-to-protect
Malicious documents were the most commonly encountered exploit via the Web in 2008 and continued to be the most prominently encountered exploit in 2009. This is due to a large number of exploits for programs like Adobe Acrobat and the Microsoft Office suite, the ubiquitous use of documents via the Web and the built-in support into the browser.
======
mullr
The trouble is that a pdf doesn't feel like an executable file. It feels like
a simple document. Even though I know better, I don't think I treat it with
the same caution as downloading a program or even a word file. Perhaps that
will change with time.

------
ScottWhigham
Suggesting that users use Google Docs to open all PDF files is just too far
for non-security nuts. GDocs is fairly okay for when you know the url to the
PDF but at least 50% of the time I don't know the url. For example, if I have
in Google and see a PDF as search results, the url is a google url, not the
url to the PDF.

And most of the time, the malicious attacks occur as an email attachment. Can
GDocs open this? Not that I know of.

