
Security Bits — 14 September 2025

Feedback & Followups

  • Some clarity has emerged on the spate of Salesforce-related data breaches mentioned in the previous instalment — krebsonsecurity.com/… & www.bleepingcomputer.com/…
    • The issue was with how the third-party AI chatbot from Salesloft integrated with Salesforce, allowing attackers to pivot from a victim’s Salesloft account to their Salesforce account to their other systems
    • The root cause was a hacked GitHub account belonging to Salesloft

Deep Dive — Memory Integrity Enforcement: The Hidden Security Gem in the A19 Chips & iOS 26

TL;DR — Apple have added hardware and software changes that make the most common kinds of memory-related bugs like buffer overflows and use-after-free errors uneconomically difficult to exploit reliably, making iOS 26 and later on A19 and later chips orders of magnitude more difficult to hack, even by nation-state-level attackers.

It didn’t make the Awe Dropping event video, but Apple have added a very impressive security feature to all the new iPhone 17 models and the iPhone Air, thanks to hardware updates in the new A19 series of processors and software updates in iOS 26.

Apple’s security team describe it very well in their announcement blog post. The first and last sections are very human-friendly, while the middle bit is very detailed and nerdy, but in a surprisingly clear and readable way. Here are the key points in Apple’s words:

Memory Integrity Enforcement (MIE) is the culmination of an unprecedented design and engineering effort, spanning half a decade, that combines the unique strengths of Apple silicon hardware with our advanced operating system security to provide industry-first, always-on memory safety protection across our devices — without compromising our best-in-class device performance. We believe Memory Integrity Enforcement represents the most significant upgrade to memory safety in the history of consumer operating systems.

There has never been a successful, widespread malware attack against iPhone. The only system-level iOS attacks we observe in the wild come from mercenary spyware, which is vastly more complex than regular cybercriminal activity and consumer malware. Mercenary spyware is historically associated with state actors and uses exploit chains that cost millions of dollars to target a very small number of specific individuals and their devices. Although the vast majority of users will never be targeted in this way, these exploit chains demonstrate some of the most expensive, complex, and advanced attacker capabilities at any given time and are uniquely deserving of study as we work to protect iPhone users against even the most sophisticated threats. Known mercenary spyware chains used against iOS share a common denominator with those targeting Windows and Android: they exploit memory safety vulnerabilities, which are interchangeable, powerful, and exist throughout the industry.

For Apple, improving memory safety is a broad effort that includes developing with safe languages and deploying mitigations at scale … We created Swift, an easy-to-use, memory-safe language, which we employ for new code and targeted component rewrites. In iOS 15, we introduced kalloc_type, a secure memory allocator for the kernel, followed in iOS 17 by its user-level counterpart, xzone malloc. These secure allocators take advantage of knowing the type — or purpose — of allocations so that memory can be organized in a way that makes exploiting most memory corruption vulnerabilities inherently difficult … In 2018, we were the first in the industry to deploy Pointer Authentication Codes (PAC) in the A12 Bionic chip, to protect code flow integrity in the presence of memory corruption.

Arm published the Memory Tagging Extension (MTE) specification in 2019 as a tool for hardware to help find memory corruption bugs. MTE is, at its core, a memory tagging and tag-checking system, where every memory allocation is tagged with a secret; the hardware guarantees that later requests to access memory are granted only if the request contains the correct secret. If the secrets don’t match, the app crashes, and the event is logged. This allows developers to identify memory corruption bugs immediately as they occur … We conducted a deep evaluation and research process to determine whether MTE, as designed, would meet our goals for hardware-assisted memory safety. Our analysis found that, when employed as a real-time defensive measure, the original Arm MTE release exhibited weaknesses that were unacceptable to us, and we worked with Arm to address these shortcomings in the new Enhanced Memory Tagging Extension (EMTE) specification, released in 2022.

We believe memory safety protections need to be strictly synchronous, on by default, and working continuously … In addition, for MTE to provide memory safety in an adversarial context, we would need to finely tune the operating system to defend the new semantics and the confidentiality of memory tags on which MTE relies.

Today we’re introducing the culmination of this effort: Memory Integrity Enforcement (MIE), our comprehensive memory safety defense for Apple platforms. Memory Integrity Enforcement is built on the robust foundation provided by our secure memory allocators, coupled with Enhanced Memory Tagging Extension (EMTE) in synchronous mode, and supported by extensive **Tag Confidentiality Enforcement** policies. MIE is built right into Apple hardware and software in all models of iPhone 17 and iPhone Air and offers unparalleled, always-on memory safety protection for our key attack surfaces including the kernel, while maintaining the power and performance that users expect. In addition, we’re making EMTE available to all Apple developers in Xcode as part of the new Enhanced Security feature that we released earlier this year during WWDC.
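
The tag check described in the MTE paragraph above can be modelled in a short C simulation, showing why an overflow into a neighbouring allocation and a use-after-free both fault at the moment of access. This is an added illustration, not Apple's or Arm's code: the names (`tptr`, `sim_alloc`, `sim_free`, `sim_store`) are hypothetical, the 16-byte granule and 4-bit tag follow Arm's MTE, and the tags are deterministic only so that the run is repeatable.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define GRANULE 16   /* MTE tags memory in 16-byte granules */
#define HEAP_SIZE 256
#define ROUND_UP(n) (((n) + GRANULE - 1) / GRANULE * GRANULE)
typedef struct { size_t addr; uint8_t tag; } tptr;  /* pointer plus 4-bit tag */

static uint8_t heap[HEAP_SIZE];
static uint8_t tags[HEAP_SIZE / GRANULE];  /* 0 = never allocated */
static size_t next_free;
static uint8_t last_tag;

/* Constructed tag source: cycles 1..15 so runs repeat; real tags are random. */
static uint8_t fresh_tag(uint8_t avoid) {
    do { last_tag = (uint8_t)(last_tag % 15 + 1); } while (last_tag == avoid);
    return last_tag;
}

static void set_tags(size_t addr, size_t len, uint8_t t) {
    for (size_t g = addr / GRANULE; g < (addr + len) / GRANULE && g < sizeof tags; g++)
        tags[g] = t;
}

/* Bump allocator; a returned tag of 0 means the request was refused. */
tptr sim_alloc(size_t len) {
    tptr p = { next_free, 0 };
    if (next_free + ROUND_UP(len) > HEAP_SIZE) return p;
    p.tag = fresh_tag(0);
    set_tags(p.addr, ROUND_UP(len), p.tag);
    next_free += ROUND_UP(len);
    return p;
}

/* Freeing retags the granules, so a stale pointer's tag stops matching. */
void sim_free(tptr p, size_t len) { set_tags(p.addr, ROUND_UP(len), fresh_tag(p.tag)); }

/* Synchronous check: on a mismatch the store never happens. */
int sim_store(tptr p, size_t off, uint8_t v) {
    size_t a = p.addr + off;
    if (!p.tag || a >= HEAP_SIZE || tags[a / GRANULE] != p.tag) return -1;
    heap[a] = v;
    return 0;
}

int main(void) {
    tptr a = sim_alloc(16), b = sim_alloc(16);
    printf("in bounds %d, overflow %d\n", sim_store(a, 15, 'A'), sim_store(a, 16, 'A'));
    sim_free(b, 16);
    printf("use after free %d\n", sim_store(b, 0, 'B'));
}
```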

Links

❗ Action Alerts

Worthy Warnings

Notable News

Interesting Insights

Palate Cleansers

  • From NosillaCastaways: 🎦 Python: The Documentary — youtu.be/… (from Joop via Mastodon, Bart & Allison both loving it 🙂)
  • From Bart: Some of my favourite travel photographer Florian Kriechbaumer’s work is being featured on the Vision Pro, so this is a good opportunity to plug his amazing travel blog & Glass profile.
  • From Allison: Gary Rosenzweig is a long-time jewel of knowledge for the Mac community with his Mac Most podcast and blog. He’s just published a single page where you can see every version of macOS back to Lion and what Macs can run each OS: macmost.com/…

Legend

When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by Bart.

Emoji Meaning
🎧 A link to audio content, probably a podcast.
❗ A call to action.
(country flag) The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country.
📊 A link to graphical content, probably a chart, graph, or diagram.
🧯 A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂
💵 A link to an article behind a paywall.
📌 A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future.
🎩 A tip of the hat to thank a member of the community for bringing the story to our attention.
🎦 A link to video content.
