PDF readers may also be within the documents they're rendering. Make sure your PDF reader is secure; consider disabling JavaScript within it.

AutoRun is a major threat vector for viruses and other malware in Windows XP and Windows Vista. [Editor's note: Simson Garfinkel " all the way back in 2006.] With this function, the operating system automatically begins executing a program when it sees an autorun.inf file in the root directory of a new drive, such as a network drive, a CD or a flash drive. So, if you haven't yet moved to Windows 7, make sure you've got all the security updates for the OS version you are running. (See .)

With Windows 7, all the security settings are "No Autorun." When you attach external media like CDs, DVDs, SD cards and USB flash drives, they will give you a dialog box offering to run a program, but by default, nothing happens automatically.

10th commandment: Consider application whitelisting and other controls "Whitelisting" refers to a list of everything you allow on your computer, including e-mail addresses your mail program can accept, Web sites your browser is allowed to connect to and applications the operating system is allowed to run. Whitelisting may not be a match for e-mail or Web browsing, but for preventing unwanted applications from running--such as malware or zero-day attacks--it may be a good additional tool.