iPhone models running iOS 26.4.1 or earlier firmware versions were storing message notifications in the notification database.
iOS 26.4.2 update includes a new security patch
Apple began rolling out its iOS 26.4.1 update in March for eligible iPhone models. A few weeks later, the Cupertino-based tech giant released iOS 26.4.2 and iPadOS 26.4.2 for its smartphones and tablets, fixing a notable bug related to message notifications. The new update comes soon after a report highlighted that a US federal agency managed to access the text of deleted Signal messages using the iPhone's notification database.
The iOS 26.4.2 and iPadOS 26.4.2 updates were released on Wednesday. On an iPhone 17 running iOS 26.4.1, the update was 771.8MB in size. Apple's changelog says the update provides “bug fixes and security updates” for Apple handsets, and that iOS 26.4.2 addresses an issue related to Notification Services.
The update patches the vulnerability, tracked as CVE-2026-28950. It can be installed on iPhone 11 and later models, iPad Pro 12.9-inch third generation and newer models, iPad Pro 11-inch first generation and later models, iPad Air third generation and later models, iPad eighth generation and later models, and iPad Mini fifth generation and later models.
The company said that an issue in Notification Services on devices running iOS 26.4.1 or earlier iOS versions meant that notifications marked for deletion “could be unexpectedly retained on the device”. The tech giant added that “a logging issue was addressed with improved data redaction”.
To simplify, iPhone models running older iOS versions were keeping deleted message notifications in the notification database, where a bad actor could then access them. Earlier this month, 404 Media reported that the Federal Bureau of Investigation (FBI) exploited this particular bug to “forensically extract” Signal messages from a user's iPhone even after they were deleted, as the phone was logging the messages in its notification database.
In a post on X, Signal expressed its gratitude towards Apple for quickly releasing a patch to address the issue. Further, Signal said that users do not have to take any action beyond installing the latest iOS 26.4.2 update. “Once you install the patch, all inadvertently preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications.”