Yesterday I landed on a filehost site and I believe there may have been a malicious banner ad. Anyhow it executed a php file named pdf.php (this went on without the slightest objection by AVG antivirus). Luckily in a bit of foresight I had switched off all javascript in my Adobe Acrobat so I then got a prompt asking me whether I want to switch it on which of course I didn't. That was a narrow escape and reminded me how easy it is to catch a bug these days.