There are a few exploits making the rounds this week. One of them is a 0-Day for Acrobat Reader. The other, exploits a combination of Microsoft Word features and IE7’s MSHTML rendering engine. When there are no patches available for such things, best practices come in to play. Do not download, click, or open untrusted files. Install a good anti-virus and firewall suite(My personal recomendations are Kaspersky(or Zone Alarm which includes Kaspersky), Avast, Nod or Clam, but ZoneAlarm is by far my favourite of the bunch), don’t open email attachments, and by all means, skip the IE browsers all together and use something like Opera or even FF.
Also, if you do have to use Acrobat Reader, TURN OFF JAVASCRIPT in the preferences!! If you have to use IE7, try to stick to business related work themes(meaning, stop viewing porn and going to your favorite torrent and warez sites). Turn off all add-ons for IE7 and turn off Active-X(That means flash, media player in browser, etc). You can also read up more on protecting your privacy while online. See my blog post here: http://www.twistedpairrecords.com/blog/2009/02/13/internet-privacy-guidelines-firewalls-are-nice-to-block-malware-but-they-do-nothing-to-save-your-privacy/
Sources:
http://isc.sans.org/diary.html?storyid=5899
http://isc.sans.org/diary.html?storyid=5902