In Adobe Reader and Acrobat under Prefernces>Trust Manager there is an option to allow the opening of other content using external applications. Even with warnings user tend to click first and ask questions later. From my perspective these warnings are useless and malware creators know that you play the odds which are in their favor, namely that a user will not heed the warnings. 

Adobe is warning users to disable the option to trust and open non-PDF file attachments. This is one of the many setting recommended in pervious post. Users also may consider setting up a sand-boxed Preview.app for opening PDF files from the web. I have tested this with several configurations and it does appear to limit the effectiveness of exploits in PDF files but is not full proof.