Security response teams at Adobe and FoxIt are investigating ways to mitigate a new PDF hack that allows the execution of an embedded executable without exploiting any security vulnerabilities. A demo of the PDF hack has been published to show how a hacker could employ social engineering techniques to launch code execution attacks if a user simply opens a rigged PDF file. Foxit Software, which markets an alternative to Adobe s Reader, plans to ship a patch very soon to address this issue. A future Adobe Reader update will likely feature stricter warnings when dealing with embedded executables using the /launch command.
Source: https://threatpost.com/adobe-foxit-investigating-way-mitigate-pdf-hack-040110/73771/