Malicious PDFs as XDP files to bypass anti-virus?

Govcert warning

GovCertUK, the UK Government’s Computer Emergency Response Team, issued an alert yesterday about how attackers could bypass gateway anti-virus software to infect organisations, by encoding malicious PDF files into the XDP format.

But don’t panic, if your anti virus software is up to date you should be safe.

XDP is an XML based file format. Opening an XDP file with Adobe Reader or any other PDF reader could potentially infect your computer. As the file is opened the embedded PDF file is written to the hard drive. At that point the anti virus software scanner should detect any malware that may be included.