All news with #arm tag

Further Hardening of Mali GPU Drivers with SELinux

🔒 Google’s Android Security and Privacy team collaborated with Arm to analyze the Mali GPU driver and implement SELinux-based IOCTL filtering that reduces the kernel driver's attack surface. The team categorized IOCTLs as unprivileged, instrumentation, and restricted, and used a staged rollout—first opt-in testing via a gpu_harden attribute, then opt-out with a gpu_debug domain—to validate behavior in real devices. The post provides step-by-step guidance for vendors to adopt a platform-level macro, define device-specific IOCTL lists, and enforce policy to keep deprecated and debug IOCTLs unreachable in production.

Kaspersky Enhances Embedded Systems Security for 2025

🔒 Kaspersky has released a major update to Kaspersky Embedded Systems Security, targeting the unique risks of legacy and resource-constrained devices. The Windows edition introduces a behavioral analysis engine plus Automatic Exploit Prevention, Anti-Cryptor, a Remediation Engine, BadUSB protection, a firewall, and a security status indicator. The Linux edition adds certificate-based allowlisting and Web Threat Protection to simplify safe updates and guard web-enabled embedded devices. Planned Q1 2026 improvements include MDR integration, BadUSB for Linux, and ARM support.

Google Cloud previews Axion-based N4A general VMs Series

🚀 Google Cloud has introduced the Axion-based N4A VM series in preview, positioned as the most cost-effective N-series to date with up to 2× better price-performance and 80% better performance-per-watt versus comparable x86 VMs. Available on Compute Engine, GKE, Dataproc and Batch, N4A supports up to 64 vCPUs, 512 GB DDR5, 50 Gbps networking, Custom Machine Types and new Hyperdisk storage profiles (Balanced, Throughput, ML). Early customers report substantial cost and performance gains.

Google Cloud Announces Axion C4A Metal Bare-Metal Arm

🔧 Google Cloud is introducing C4A metal, a bare-metal instance class powered by its Arm-based Axion processors, entering preview soon. Designed for workloads that require direct hardware access and Arm-native compatibility, C4A metal delivers 96 vCPUs, 768 GB DDR5 memory, up to 100 Gbps networking, and support for Google Cloud Hyperdisk variants. C4A metal targets Android development, automotive simulation, CI/CD, security workloads, and custom hypervisors by eliminating nested virtualization overhead and preserving Arm instruction-set parity.

Apple Adds Always-On Memory Integrity Enforcement Feature

🔒 Apple has introduced Memory Integrity Enforcement in the iPhone 17, a hardware-aware, always-on defense against memory-safety exploits used by spyware like Pegasus. Building on Arm’s MTE and its 2022 Enhanced Memory Tagging Extension, Apple’s implementation tags allocations with secrets and verifies them on every access. The company says the protection runs continuously without noticeable performance loss. Apple collaborated with Arm and tuned the chip-level design to make exploitation of memory-corruption bugs significantly harder while preserving compatibility with existing code.