![\"Apple](\"https:\/\/www.newsbeep.com\/ie\/wp-content\/uploads\/2026\/04\/1776960548_15_0x0.png\")
<\/p>\n<\/p>\n
Apple’s iOS 26.4 and iOS 18.7.8 fix the same flaw, in Notification Services, where notifications marked for deletion could be unexpectedly retained on the device.<\/p>\n
Apple iPhone<\/p>\n
Update 10:45 a.m. EDT: This article, originally published at 03:47 a.m. EDT has been updated to include confirmation from Signal and expert commentary about the issue fixed in iOS 26.4.2 and iOS 18.7.8.<\/p>\n
Apple has released iOS 26.4.2 and iOS 18.7.8, along with a warning to update your iPhone now. That\u2019s because iOS 26.4 and iOS 18.7.8 fix a single security vulnerability in the iPhone software, which could be pretty serious. <\/p>\n
Apple doesn\u2019t provide much detail about what\u2019s fixed in iOS 26.4.2 and iOS 18.7.8, to allow as many users to upgrade before attackers can get hold of the details. But it does reveal that iOS 26.4 and iOS 18.7.8 fix the same flaw, in Notification Services, where notifications marked for deletion could be unexpectedly retained on the device, according to Apple\u2019s support page<\/a>.<\/p>\n Tracked as CVE-2026-28950, it seems the issue was released as an emergency update for a reason. It appears to be the same vulnerability used by the FBI to extract copies of incoming Signal messages<\/a> from a defendant\u2019s iPhone due to copies of the content being saved in the push notification database, first reported by 404 Media<\/a>.<\/p>\n While Apple doesn\u2019t comment on the details of the fixes in iOS 18.7.8 and iOS 26.4.2, Bleeping Computer<\/a> points out that \u201cits description of notifications being retained on the device closely aligns with the type of data persistence described in that report.\u201d<\/p>\n I have asked Apple to comment and will update this article if the iPhone maker responds.<\/p>\n Signal Confirms iOS 26.4.2 and iOS 18.7.8 Fix Known Issue<\/p>\n Signal has confirmed iOS 26.4.2 and iOS 18.7.8 fix the issue in question. \u201cWe are very happy that today Apple issued a patch and a security advisory,\u201d Signal wrote on X, formerly Twitter, adding that the move comes following 404 Media\u2019s reporting “that the FBI accessed Signal message notification content via iOS despite the app being deleted.\u201d<\/p>\n Apple\u2019s advisory confirmed that the bugs that allowed this to happen have been fixed in the latest iOS release, Signal. added<\/p>\n Signal also pointed out the no action is needed for this fix to protect Signal users on iOS. \u201cOnce you install the patch, all inadvertently-preserved notifications will be deleted and no forthcoming notifications will be preserved for deleted applications.\u201d<\/p>\n \u201cWe\u2019re grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue. It takes an ecosystem to preserve the fundamental human right to private communication,\u201d Signal added.<\/p>\n iOS 18.7.8 Is Also Available For Newer iPhones<\/p>\n Another security implication of this latest update is the fact that iOS 18.7.8 is also available for later generations of the iPhone, signalling that Apple is now offering iOS 18 to those who want to stay on the older operating system. <\/p>\n It comes after the iPhone maker released iOS 26.4<\/a> last month, including the ability to update to iOS 18.7.7<\/a> even if you own a newer device. The reason for this was DarkSword, a dangerous spyware<\/a> that was using iPhone vulnerabilities to attack Apple users. Perhaps Apple is changing its tactics to ensure all users are secured in the face of major risks \u2014 certainly when it issues emergency updates to the iPhone software such as iOS 26.4.2 and iOS 18.7.8.<\/p>\n \u201cApple shipping a dedicated patch for a single issue and backporting it to iOS 18 in the same release, tells you exactly how seriously they take the integrity of their platform,\u201d says Adam Boynton, senior enterprise strategy manager at Jamf.<\/p>\n He describes how a forensic examiner reconstructing notifications a user believed were deleted is like \u201creading a compressed timeline of someone’s working life.\u201d<\/p>\n \u201cThey include the likes of two-factor codes, previews from work chat platforms, calendar invites, customer alerts and even internal security pings,\u201d Boynton warns.<\/p>\n The FBI and Signal case is \u201ceye-catching,\u201d but the underlying exposure applies to any app that surfaces content in push notifications, which is most enterprise collaboration tools in daily use, he says.<\/p>\n Apple\u2019s iOS 26.4.2 is available for iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.<\/p>\n Why You Should Update To iOS 26.4.2 and iOS 18.7.8 Now<\/p>\n The fix issued in iOS 26.4.2 and iOS 18.7.8 might look fairly innocent, but the timing of the upgrade indicates Apple deems it serious. For that reason, you should upgrade your iPhone now. <\/p>\n If you are already on iOS 26, the iOS 26.4.2 update adds new features and bug fixes, including Concerts in Apple Music and eight new emoji, giving you extra reasons for updating right away.<\/p>\n So, what are you waiting for? Go to Settings > Software Update and upgrade to iOS 18.7.8 or iOS 26.4.2 now.<\/p>\n","protected":false},"excerpt":{"rendered":"Apple’s iOS 26.4 and iOS 18.7.8 fix the same flaw, in Notification Services, where notifications marked for deletion…\n","protected":false},"author":2,"featured_media":413702,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[936,61,6931,181497,181500,58876,181501,181496,181498,181502,181499,60,202,80],"class_list":{"0":"post-413701","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-mobile","8":"tag-apple","9":"tag-ie","10":"tag-ios","11":"tag-ios-18-7-8","12":"tag-ios-18-7-8-should-i-update","13":"tag-ios-26-4","14":"tag-ios-26-4-should-i-upgrade","15":"tag-ios-26-4-2","16":"tag-ios-26-4-2-and-ios-18-7-8-which-update-to-choose","17":"tag-ios-26-4-2-features","18":"tag-ios-26-4-2-should-i-update","19":"tag-ireland","20":"tag-mobile","21":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts\/413701","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/comments?post=413701"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts\/413701\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/media\/413702"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/media?parent=413701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/categories?post=413701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/tags?post=413701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}