Zeus exploits the "/Launch" design flaw to embed attack code in the document. The article explains:
When users open the rogue PDF, they're asked to save a PDF file called 'Royal_Mail_Delivery_Notice.pdf.' That file, however, is actually a Windows executable that when it runs, hijacks the PC.
This may be the beginning of the PDF attack wave predicted by Mickey Boodaei, CEO of security company Trusteer.