PDFs now as rock-solid secure as ActiveX
It's a verified bug: PDF files can be used to take over your PC. Adobe's mistake was adding support for ever-sloppy JavaScript inside the once-benign PDF format. Core Security, the company that outed the vulnerability, says, "An attacker could put malicious code in JavaScript embedded in a PDF and [...] could manipulate the program's memory allocation pattern and trigger the vulnerability to execute arbitrary code with the privileges of the user." Great. I can hardly wait to reinstall Paul's PC after he pretends to read another of those ethics-in-journalism PDFs.