"The answer? Memory Integrity Enforcement (MIE). Meet MIE MIE was not developed to fight against low-hanging fruit -- the kinds of opportunistic cyberattackers who develop basic malware and rely on human error, phishing, and fraud to compromise a system. Instead, the memory safety feature aims to break complex, expensive, and targeted attack chains connected with state-sponsored threat actors and top-tier spyware developers."
"If this brings to mind cases including NSO Group's Pegasus, when malware was used to infiltrate phones reportedly belonging to activists and journalists, that's the aim. According to Apple, MIE is focused on disrupting "mercenary spyware" that may cost millions of dollars to target a select few. "Known mercenary spyware chains used against iOS share a common denominator with those targeting Windows and Android: they exploit memory safety vulnerabilities, which are interchangeable, powerful, and exist throughout the industry," the company says."
Apple's iPhone 17 lineup adds Memory Integrity Enforcement (MIE), a memory safety system designed to defend iOS devices against advanced, targeted spyware and memory-level exploits. MIE aims to block complex, expensive attack chains used by state-sponsored and mercenary spyware developers rather than opportunistic malware or phishing-based attacks. The system targets exploitation of memory safety vulnerabilities that are common across platforms and interchangeable between iOS, Windows, and Android. MIE operates as an always-on memory protection mechanism to harden operating system and memory-level defenses and reduce the viability of high-cost surveillance tools like Pegasus.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]