Seeing Mail(Demons)? Technique, Triggers, and a Bounty

Read the original article: Seeing Mail(Demons)? Technique, Triggers, and a Bounty

Impact & Key Details (TL;DR) :

Demonstrate a way to do a basic heap spray
We were able to use this technique to verify that this vulnerability is exploitable. We are still working on improving the success rate.
Present two new examples of in-the-wild triggers so you can judge by yourself if these bugs worth an out of band patch
Suggestions to Apple on how to improve forensics information / logs and important questions following Apple’s response to the previous disclosure
Launching a bounty program for people who have traces of attacks with total bounties of $27,337
MailDemon appears to be even more ancient than we initially thought.