http://www.adobe.com/support/security/advisories/apsa07-04.html

Seems that there is a vulnerability in Adobe reader before 8.1.

More on this:
Only Windows XP users running Internet Explorer 7 are at risk, Adobe said.

Suggestion is to upgrade to latest Acrobat Reader, but that may break some applications.

Javacool of SpywareBlaster fame has issued a little tweak tool for the Windows registry to stop the issue on Reader 8:
http://www.javacoolsoftware.com/pdffix.html
:)

Also found an explanation from another source:
http://www.heise-security.co.uk/news/97094

Microsoft first said it was not responsible since the issue is related to a non-Microsoft application, but is now investigating since Windows 2003 may be affected by several other problems with how the URLs are handled.

And more:
http://www.heise-security.co.uk/news/97139
According to an advisory by security service provider Secunia, Outlook Express and Outlook 2000 are also affected by the Windows URI problem.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9041278&taxonomyId=17&intsrc=kc_top

Another work around is to use Foxit reader instead.

Well, it has been nearly a month since this story broke.

Adobe issued a fix/update but...

http://www.news.com/Report-PDF-files-used-to-attack-computers/2100-7349_3-6215656.html

I have been using 8.1.1 since the update was made available, it takes some adjustment but should be safe.

A security update for Adobe Acrobat Reader, which opens PDF files, was made available a few days ago, but many users have not updated the program yet, Hypponen said.

Come on folks...

I would have preferred their doing an update for the problem in Reader 7, otherwise a good piece of software, but the risk of doing nothing is just too great to do nothing to protect yourself.

Yeah, me too...but since my wife gets an occasional PDF that was made with 8 and can't be read in 7...but KPDF handles them very well, so...:D