According to the latest news we are likely to consider NSA as pure evil. Reality is that NSA does even what she is designed for: protect US citizens.
Regarding to the computer’s world, NSA releases a quite good documentation on how to secure systems and softwares.
I’ve followed the directives to enforce the installation of Adobe Acrobat Reader X (document is designed also for XI) and I’ve found it really useful.
Document is designed for systems that are accessed by more than one user and describes how to lock or unlock definitely some options directly in the Windows Registry, bypassing the user settings. Also is described how to set advanced options and operate on menus and program capabilities.
The hardening of Acrobat Reader XI (ARXI) or X will prevent future attacks via malicious pdf documents, introducing limitations to the executable external code and interactions with the computer resources, blocking spear-phishing attempts and much more.
Following these guidelines, maybe after rising the level of UAC to the highest possible will considerably reduce the probability of being victim of pdf attacks.
You can download the PDF here: LINK TO NSA.GOV
Obviously you have to know how to move in the Windows Registry. Even if W.R. is really a bad piece of design, responsible of many of the Windows problems, at least it gives to Windows Registry cowboys the capability of setup options and flags unavailable by the user settings of the programs.
In this case, in particular, you have to add manually the registry values you need because they are not available by default and maybe not so much documented.
Other than this resource, I advice you to browse other whitepapers on how to enforce even other operating systems, like Solaris or like GNU/Linux (RHEL 5), this in particular is well written and full of informations on how to harden Linux systems and services.