{"id":1145,"date":"2025-09-10T04:05:58","date_gmt":"2025-09-10T00:05:58","guid":{"rendered":"https:\/\/www.actutech.app\/apple-says-the-iphone-17-comes-with-a-massive-security-upgrade\/"},"modified":"2025-09-10T04:05:58","modified_gmt":"2025-09-10T00:05:58","slug":"apple-says-the-iphone-17-comes-with-a-massive-security-upgrade","status":"publish","type":"post","link":"https:\/\/www.actutech.app\/en\/apple-says-the-iphone-17-comes-with-a-massive-security-upgrade\/","title":{"rendered":"Apple says the iPhone 17 comes with a massive security upgrade"},"content":{"rendered":"<figure>\n<p><img decoding=\"async\" alt=\"\" data-caption=\"\" data-portal-copyright=\"\" data-has-syndication-rights=\"1\" src=\"https:\/\/platform.theverge.com\/wp-content\/uploads\/sites\/2\/2025\/09\/IMG_0166.jpg?quality=90&amp;strip=all&amp;crop=0,0,100,100\" \/><figcaption>\n\t\t<\/figcaption><\/p><\/figure>\n<p class=\"has-text-align-none\">It\u2019s less noticeable than a thinner profile or trick camera lenses, but Apple is <a href=\"https:\/\/security.apple.com\/blog\/memory-integrity-enforcement\/\" target=\"_blank\" rel=\"noopener\">pointing out another upgrade<\/a> in the iPhone 17 family of phones that it says is part of \u201cthe most significant upgrade to memory safety in the history of consumer operating systems.\u201d Explicitly targeting the spyware industry that produces exploits for tools like Pegasus to hack on targeted devices, a series of changes in Apple\u2019s chips, OS, and development tools are part of what it calls Memory Integrity Enforcement (MIE).<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"has-text-align-none\">With the introduction of the iPhone 17 lineup and iPhone Air, we\u2019re excited to deliver Memory Integrity Enforcement: the industry\u2019s first ever, comprehensive, always-on memory-safety protection covering key attack surfaces \u2014 including the kernel and over 70 userland processes \u2014 built on the Enhanced Memory Tagging Extension (EMTE) and supported by secure typed allocators and tag confidentiality protections.<\/p>\n<\/blockquote>\n<p class=\"has-text-align-none\">The approach is similar to what we\u2019ve seen from Microsoft\u2019s introduction of <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/security\/hardware-security\/enable-virtualization-based-protection-of-code-integrity?tabs=security\" target=\"_blank\" rel=\"noopener\">memory integrity security features for Windows 11<\/a>, as well as a series of changes that have arrived to prevent speculative-execution vulnerabilities like Spectre. Apple\u2019s blog post also mentions efforts by ARM with the Memory Tagging Extension (MTE) to fight memory bugs, which is supported on Google\u2019s Pixel phones starting with the Pixel 8 series and <a href=\"https:\/\/security.googleblog.com\/2025\/05\/advanced-protection-mobile-devices.html\" target=\"_blank\" rel=\"noopener\">enabled for supported apps<\/a> if you turn on Advanced Protection.\u00a0<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">\ud83d\udd3aiPhone models announced today include Memory Integrity Enforcement, the culmination of an unprecedented design and engineering effort that we believe represents the most significant upgrade to memory safety in the history of consumer operating systems. <a href=\"https:\/\/t.co\/ule9gaXzc1\" target=\"_blank\">https:\/\/t.co\/ule9gaXzc1<\/a><\/p>\n<p>\u2014 Ivan Krsti\u0107 (@radian) <a href=\"https:\/\/twitter.com\/radian\/status\/1965480559368699936?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener\">September 9, 2025<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p class=\"has-text-align-none\">Apple says its implementation goes a step further, with the ability to protect all users by default and by designing its A19 and A19 Pro chips for enhanced security, while still adding memory safety changes for older hardware that doesn\u2019t support the new memory tagging features. The company also says its new mitigation for Spectre V1 leaks works with \u201cvirtually zero CPU cost\u201d \u2014 as performance hits <a href=\"https:\/\/www.theverge.com\/2022\/10\/6\/23390623\/microsoft-windows-11-disable-security-features-improve-gaming-performance\" target=\"_blank\" rel=\"noopener\">have been an issue<\/a> for memory integrity and <a href=\"https:\/\/www.theverge.com\/2018\/1\/9\/16868290\/microsoft-meltdown-spectre-firmware-updates-pc-slowdown\" target=\"_blank\" rel=\"noopener\">other<\/a> security features \u2014 with all of the changes making \u201cmercenary spyware\u201d even more expensive to develop.\u00a0<\/p>\n<p class=\"has-text-align-none\">The folks behind the security-focused GrapheneOS project acknowledged the \u201cmajor security improvements\u201d that will help iPhone security in a post on X, but <a href=\"https:\/\/x.com\/GrapheneOS\/status\/1965510413799260427\" target=\"_blank\">also said<\/a> they had issues with the presentation and how it portrayed iOS security versus features like MTE, already released for Android. We\u2019ll learn more about how much has changed once these updates reach devices and attackers take their turn trying to crack open the iPhone 17 and iPhone Air\u2019s security.<\/p>","protected":false},"excerpt":{"rendered":"<p>It\u2019s less noticeable than a thinner profile or trick camera lenses, but Apple is pointing out another upgrade in the [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1145","post","type-post","status-publish","format-standard","hentry","category-non-classe"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/posts\/1145","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/comments?post=1145"}],"version-history":[{"count":0,"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/posts\/1145\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/media?parent=1145"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/categories?post=1145"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.actutech.app\/en\/wp-json\/wp\/v2\/tags?post=1145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}