Nothing much but YES to agree with Didier Stevens with his statement:
PDF + JS = OMG
Yerp.. there is another vulnerability (CVE-2009-3459) in Adobe Reader and Acrobat today (GMT +8) and so far it is still 0 day..
*panic panic* What to do?
- Enable DEP (for Windows)
- Use NoScript
- Use alternative PDF reader like Foxit, Gnome Document Viewer, yada yada..
- Don’t be a lame by opening unknown PDF attachment