Apple on Tuesday unveiled its new iPhone 17 and iPhone Air smartphones, which include a new memory protection feature to safeguard devices against sophisticated spyware attacks.
The new feature is called Memory Integrity Enforcement (MIE) and the tech giant says it provides always-on memory safety protection for the latest phones. The new iPhone lineup is running iOS 26.
Apple pointed out that while its iOS operating system has not been hit by widespread malware attacks, iPhones are regularly targeted by well-resourced threat actors.
These attacks typically involve exploits created by ‘lawful’ surveillance solutions providers. These companies are often referred to as mercenary spyware vendors because while they claim to only provide their services to government agencies for purposes of national security and criminal investigations, in reality their products are in many cases sold to authoritarian regimes and end up being used against journalists, human rights activists, and political dissidents.
The exploits developed by these spyware vendors often involve memory safety vulnerabilities and Apple’s new MIE protection aims to make exploitation of such flaws significantly more difficult.
According to Apple, the MIE feature leverages Arm’s Enhanced Memory Tagging Extension (EMTE), which the chip giant released in 2022 as an update to its 2019 Memory Tagging Extension (MTE) specification following a collaboration with Apple.
MIE uses EMTE along with secure memory allocators, and extensive Tag Confidentiality Enforcement policies to provide protection in the kernel, Safari, and Messages.
After testing MIE against known exploit chains and recent vulnerabilities, Apple found that it’s highly efficient in blocking attacks in their early stages, preventing threat actors from reviving exploit chains by swapping out one bug for another.
“Inevitably, attackers must face MIE at a stage where their capabilities are still very limited, leaving few viable avenues for exploitation. This leads to fragile chains where breaking just one step is often enough to invalidate the entire exploit strategy,” the tech giant explained.
Ivan Krstić, head of security engineering and architecture at Apple, noted, “Based on our evaluations pitting Memory Integrity Enforcement against exceptionally sophisticated mercenary spyware attacks from the last three years, we believe MIE will make exploit chains significantly more expensive and difficult to develop and maintain, disrupt many of the most effective exploitation techniques from the last 25 years, and completely redefine the landscape of memory safety for Apple products.”
Google has also recently announced a new feature, named Advanced Protection mode, designed to block spyware and other attacks aimed at Android users.
Related: Apple Seeks Researchers for 2026 iPhone Security Program
Related: Apple Patches Zero-Day Exploited in Targeted Attacks
Related: Apple Confirms USB Restricted Mode Exploited in ‘Extremely Sophisticated’ Attack
