Consider the following situation :
1. Somehow my boss's system got infected with a malware ( He visited one of the Java exploits website).
2. He sends a PDF document containing the requirement document of a new project coming up ( the malware infected this PDF).
My OS and antivirus are all patched. So the PDF will look OK to be opened by me, and I will go ahead and open that PDF.
How do one protect from such type of attacks ? ( AFAIK, operation aurora against google used this technique only).
And considering the PDF sent to me is a confidential business document, I cannot even upload those to sites like virustotal.com so even if it had a 0 day infection, antivirus companies won't be able to create signature of it.
Thanks !