Protect yourself against today's (and future) PDF zero-days

3 months after the previous PDF zero-day in June 4, and 3 weeks after various critical security fixes, Adobe advices of a new zero-day exploit that's actively being exploited. "Zero-day" means that even if you have the latest version of Adobe Reader (9.3.4), there's sites out there that can hack you. A lot of users are affected (86% of Chrome users for example have the Adobe Reader plugin).

"Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date." Brian Krebs, however, points out that only 1/4 of the virus scanners catch this. My recommendations for viewing PDF files:

1. [do this first] Disable the Adobe Reader plugin from your browser. 
2. You'll still be able to view PDF files! When you encounter a PDF file that you trust it's safe to view, you can do the following:
• [safest] Upload the PDFs to Google Docs and view its image there. Google has a Chrome extension that does this automatically for you.
• [safe] If you use Google Chrome,  turn on its built-in (and sandboxed) PDF Viewer. There haven't been any reports of breakouts from the Chrome sandbox.
• [safe] Use alternative PDF viewers. Preview on Mac, or for Windows,  Brian Krebs suggests FoxIt, Sumatra or Nitro PDF. On Linux, I've used evince and kpdf in the past. There's also xpdf. All of these are usually less targeted.
• [risky]  Download it in your desktop, and open it in Adobe Reader. This is still dangerous,  but at least random hacked pages won't auto-load invisible PDFs. If you do this, at least disable Javascript from Adobe Reader.