Didier Stevens brought a weak spot in the PDF format specs to the public's eyes: PDF allows external applications to be launched automatically when opening the page, and there were readers out there which didn't even prompt the user for a confirmation.
Nevertheless, even the confirmation dialog Adobe Reader brings up is cluttered and the real command can be hidden and custom text displayed instead. Users that are used to clicking away the MS Word macro dialog will no doubt be inclined to simply accept the request. Even more, once a user has ticked the checkbox to not show the dialog again, commands will be run without further prompting.
Dangerous ground indeed, especially when it's quite simple to craft an exploit which creates and runs a binary executable file from within the PDF, no loading from the web neccessary - it's really that easy, I've made my own proof-of-concept PDF and compared notes with Didier.
So for the time being, don't use older Foxit readers to read foreign PDF files - they already have a patched version out which at least prompts you to confirm the application launch, check back at their website at http://www.foxitsoftware.com/. When using Adobe Reader, disallow the opening of external non-PDF content in the settings.
Read more on the PDF Launch attack at Didier Steven's Blog.
