For several years now, vulnerabilities in PDF readers (mostly Adobe Acrobat) have been exploited to compromise PCs. The PDF language supports JavaScript, but this is in itself no blatant security issue, because the latest versions of the PDF language thoroughly sandbox JavaScript programs. Most Adobe Acrobat vulnerabilities arise from bugs in the PDF rendering engine or the JavaScript interpreter. This presentation will mainly focus on 2 aspects of the malicious PDF problem. 1) Analyzing malicious PDF documents. Disassembling malicious PDF documents with standard PDF tools has an inherent risk: the tools could contain the same vulnerabilities that the very PDF document we are analyzing exploits in Adobe Acrobat, thus exposing the virus lab to an infection risk. That's why special tools (PDFiD and pdf-parser) were developed to mitigate this risk. Live demos will illustrate these tools. 2) How to protect PCs against infection by malicious PDF documents. Although opening a malicious PDF document with a vulnerable PDF reader is the main avenue of infection, there are also avenues that require less user interaction. The protection techniques presented have the added bonus that they not only protect against malicious PDF documents, but other type of malicious office documents too. And finally, to revive an old security conference custom, a PDF vulnerability will be disclosed which does not only affects PDF documents, but other types of documents too...