Analysing the PDF Exploit

[SysAdMini]

http://web17.webbpro.de/index.php?page=analysing-the-pdf-exploit

I want to present my results from my analysis of the Adobe PDF Exploit from March 2009. It allows to execute any Win32 code due to a bug in the jbig2 compression. The bug has currently (date 3rd March 2009) been fixed only internally, but Adobe wants to provide an update on March 11th. There are all Adobe Reader versions since 2007 vulnerable (Adobe Reader 7.0 and higher are affected). The percentage of exploiting PDFs that use this bug is very low, it is not wide spread.