Read the original article: Seeing (Mail)Demons? Technique, Triggers, and a Bounty
Impact & Key Details (TL;DR) :
- Demonstrate a way to do a basic heap spray
- We were able to use this technique to verify that this vulnerability is exploitable. We are still working on improving the success rate.
- Present two new examples of in-the-wild triggers so you can judge by yourself if these bugs worth an out of band patch
- Suggestions to Apple on how to improve forensics information / logs and important questions following Apple’s response to the previous disclosure
- Launching a bounty program for people who have traces of attacks with total bounties of $27,337
- MailDemon appears to be even more ancient than we initially thought.
Continue reading Seeing (Mail)Demons? Technique, Triggers, and a Bounty at ZecOps Blog.
Read the original article: Seeing (Mail)Demons? Technique, Triggers, and a Bounty