![\"IPhone](\"https:\/\/www.newsbeep.com\/au\/wp-content\/uploads\/2026\/04\/1776920950_594_0x0.jpg\")
<\/p>\n<\/p>\n
Apple iPhone 17 Pro Max<\/p>\n
NurPhoto via Getty Images<\/p>\n
April 25 update: this article, originally published on April 22 was updated on April 25 with more details of the latest update. <\/p>\n
Apple has released a new iPhone update, just two weeks after the last one. This release is designed to address a particular problem in Notification Services, \u201cwhere notifications marked for deletion could be unexpectedly retained on the device,\u201d as Apple described it<\/a>. There has now been confirmation of what the update tackles from Signal. Here\u2019s all you need to know. <\/p>\n ForbesThieves Can Drain Funds From A Locked iPhone With This Transit Trick: How To Protect YourselfBy David Phelan<\/a>Which iPhones Can Run iOS 26.4.2?<\/p>\n This update is for all iPhones from 2019 onwards. That means iPhone 11 and later. The second-generation and third-generation iPhone SE handsets are included. All members of the iPhone 17 series, including the latest release, iPhone 17e, plus iPhone Air, are also supported.<\/p>\n Identical security patches are also available for older devices via iOS 18.7.8. That means anyone with an iPhone 11 or later who hasn\u2019t updated to iOS 26 (once you\u2019ve done so, you can\u2019t downgrade again later) plus the other three iPhones compatible with iOS 18, that is, iPhone XS, iPhone XS Max and iPhone XR.<\/p>\n How To Download And Install iOS 26.4.2<\/p>\n You\u2019ll likely know this by now, but to download the update, open the Settings app on the iPhone and click on General, followed by Software Update. Here you\u2019ll find Download and Install, and it\u2019ll be downloaded promptly. It\u2019s a small update, 772 MB on my iPhone 17 Pro Max. It downloaded and installed quickly \u2014 less than 10 minutes in all.<\/p>\n iOS 26.4.2 \u2014 What\u2019s In The Release<\/p>\n This update came out of the blue and is focused on one thing: an exploit to Notification Services which meant something that had been marked for deletion could be retained. It\u2019s now been fixed with a logging issue with improved redaction, the company says. <\/p>\n Crucially, Apple says the update also retroactively purges any notification fragments that were stored on-device before the fix. In other words, the update solves the problem for past, as well as future, message deletions. <\/p>\n It seems that the vulnerability became known when recent court testimony revealed that the FBI was able to access an internal notification database on an iPhone involved in a federal case in Texas. <\/p>\n \u201cThe iPhone in question was set to display the content of Signal messages on the Lock Screen, and with that feature enabled, the iPhone stores message content,\u201d MacRumors<\/a> reported.<\/p>\n \u201cThe defendant in the case had deleted the Signal app and had Signal messages set to disappear, but the iPhone kept the messages in its database long enough for the FBI to access them,\u201d it went on.<\/p>\n This, in other words, is a security flaw that will not impact most people, but has been deemed urgent enough for Apple to issue a new update just to fix it. The vulnerability, tracked as CVE-2026-28950, effectively bypassed the encryption of secure messaging apps by targeting the operating system’s own notification logs.<\/p>\n On April 22, Signal posted on X about the update, saying \u201cWe are very happy that today Apple issued a patch and a security advisory. This comes following @404mediaco<\/a> reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted.\u201d<\/p>\n Note that no action is needed for this fix to protect Signal users on iOS. Once you install the patch, all inadvertently-preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications. We\u2019re grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue. It takes an ecosystem to preserve the fundamental human right to private communication.<\/p>\n But the fact that this update appeared out of the blue is an indication of how seriously Apple has taken it. It came just weeks after reports that the FBI had managed to forensically extract copies of incoming Signal messages on an iPhone.<\/p>\n This phone belonged to a defendant in a case connected to an attack on an ICE detention center, even though the app had been deleted. It did this, \u201cby taking advantage of the fact that copies of the content were saved in the device’s push notification database,\u201d The Hacker News<\/a> reported.<\/p>\n This was achieved by using the push notification database in the iPhone, which continued to store notifications of incoming messages from the app. That\u2019s what\u2019s been addressed in this update.<\/p>\n Signal uses end-to-end encryption and has features like automatic message deletion and has message history which is stored on-device rather than in servers. <\/p>\n \u201cSignal is often used by journalists, government officials, and other users who want increased security,\u201d Macworld said. So, it\u2019s especially important for Signal users, but since it addresses a flaw in privacy \u2014 one of Apple\u2019s most important priorities \u2014 it\u2019s no surprise the company has moved so quickly.<\/p>\n