{"id":545565,"date":"2026-04-23T00:22:09","date_gmt":"2026-04-23T00:22:09","guid":{"rendered":"https:\/\/www.newsbeep.com\/uk\/545565\/"},"modified":"2026-04-23T00:22:09","modified_gmt":"2026-04-23T00:22:09","slug":"apple-rolls-out-ios-26-4-2-to-fix-a-flaw-that-allowed-the-fbi-to-access-push-notifications","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/uk\/545565\/","title":{"rendered":"Apple rolls out iOS 26.4.2 to fix a flaw that allowed the FBI to access push notifications"},"content":{"rendered":"<p class=\"col-body mb-4 leading-7 text-[18px] md:leading-8 break-words min-w-0 charcoal-color\">Apple&#8217;s <a class=\"link \" href=\"https:\/\/support.apple.com\/en-us\/127002\" data-i13n=\"elm:context_link;elmt:doNotAffiliate;slk:latest iOS update;cpos:1;pos:1\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:latest iOS update;elm:context_link;elmt:doNotAffiliate;slk:latest iOS update;cpos:1;pos:1;itc:0;sec:content-canvas\" data-yga=\"{&quot;yLinkPosition&quot;:&quot;1&quot;,&quot;yLinkElement&quot;:&quot;context_link&quot;,&quot;yAffiliateService&quot;:&quot;doNotAffiliate&quot;,&quot;yPosition&quot;:&quot;1&quot;,&quot;yModuleName&quot;:&quot;content-canvas&quot;,&quot;yLinkText&quot;:&quot;latest iOS update&quot;,&quot;yHasCommerce&quot;:false}\">latest iOS update<\/a> fixes a flaw in its notification database that made it possible for law enforcement to view deleted push notifications on a person&#8217;s iPhone or iPad. The security flaw was one way law enforcement agencies like the FBI could circumvent Apple&#8217;s strict stance towards user privacy, <a class=\"link \" href=\"https:\/\/www.eff.org\/deeplinks\/2026\/04\/how-push-notifications-can-betray-your-privacy-and-what-do-about-it\" data-i13n=\"slk:the Electronic Frontier Foundation writes;cpos:2;pos:1\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:the Electronic Frontier Foundation writes;slk:the Electronic Frontier Foundation writes;cpos:2;pos:1;elm:context_link;itc:0;sec:content-canvas\" data-yga=\"{&quot;yLinkPosition&quot;:&quot;2&quot;,&quot;yLinkElement&quot;:&quot;context_link&quot;,&quot;yPosition&quot;:&quot;1&quot;,&quot;yModuleName&quot;:&quot;content-canvas&quot;,&quot;yLinkText&quot;:&quot;the Electronic Frontier Foundation writes&quot;,&quot;yHasCommerce&quot;:false}\">the Electronic Frontier Foundation writes<\/a>, particularly since the company has <a class=\"link \" href=\"https:\/\/www.engadget.com\/apple-now-needs-a-judges-order-to-hand-over-push-notification-records-052710429.html\" data-i13n=\"slk:required a court order;cpos:3;pos:1\" data-ylk=\"slk:required a court order;slk:required a court order;cpos:3;pos:1;elm:context_link;itc:0;sec:content-canvas\" data-yga=\"{&quot;yLinkPosition&quot;:&quot;3&quot;,&quot;yLinkElement&quot;:&quot;context_link&quot;,&quot;yPosition&quot;:&quot;1&quot;,&quot;yModuleName&quot;:&quot;content-canvas&quot;,&quot;yLinkText&quot;:&quot;required a court order&quot;,&quot;yHasCommerce&quot;:false}\" rel=\"nofollow noopener\" target=\"_blank\">required a court order<\/a> to share notification data since 2023.<\/p>\n<p class=\"col-body mb-4 leading-7 text-[18px] md:leading-8 break-words min-w-0 charcoal-color\">According to Apple&#8217;s update notes, iOS 26.4.2 introduces &#8220;improved data redaction&#8221; to address an issue where &#8220;notifications marked for deletion could be unexpectedly retained on the device.&#8221; The update is available now on &#8220;iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later and iPad mini 5th generation and later,&#8221; Apple says.<\/p>\n<p class=\"col-body mb-4 leading-7 text-[18px] md:leading-8 break-words min-w-0 charcoal-color\">The FBI&#8217;s use of this particular iOS notification flaw was <a class=\"link \" href=\"https:\/\/www.404media.co\/fbi-extracts-suspects-deleted-signal-messages-saved-in-iphone-notification-database-2\/\" data-i13n=\"slk:first reported on by 404 Media;cpos:4;pos:1\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:first reported on by 404 Media;slk:first reported on by 404 Media;cpos:4;pos:1;elm:context_link;itc:0;sec:content-canvas\" data-yga=\"{&quot;yLinkPosition&quot;:&quot;4&quot;,&quot;yLinkElement&quot;:&quot;context_link&quot;,&quot;yPosition&quot;:&quot;1&quot;,&quot;yModuleName&quot;:&quot;content-canvas&quot;,&quot;yLinkText&quot;:&quot;first reported on by 404 Media&quot;,&quot;yHasCommerce&quot;:false}\">first reported on by 404 Media<\/a>, who learned the agency used a tool to access Signal notification data stored locally on an iPhone even after it was deleted. Signal CEO Meredith Whitaker <a class=\"link \" href=\"https:\/\/bsky.app\/profile\/meredithmeredith.bsky.social\/post\/3mjhq7fuabk2w\" data-i13n=\"slk:later acknowledged the issue on Bluesky;cpos:5;pos:1\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:later acknowledged the issue on Bluesky;slk:later acknowledged the issue on Bluesky;cpos:5;pos:1;elm:context_link;itc:0;sec:content-canvas\" data-yga=\"{&quot;yLinkPosition&quot;:&quot;5&quot;,&quot;yLinkElement&quot;:&quot;context_link&quot;,&quot;yPosition&quot;:&quot;1&quot;,&quot;yModuleName&quot;:&quot;content-canvas&quot;,&quot;yLinkText&quot;:&quot;later acknowledged the issue on Bluesky&quot;,&quot;yHasCommerce&quot;:false}\">later acknowledged the issue on Bluesky<\/a>, writing that &#8220;notifications for deleted [messages] shouldn&#8217;t remain in any OS notification database, and we&#8217;ve asked Apple to address this.&#8221; At the time, Whitaker directed Signal users to adjust their settings so that push notifications from the app didn\u2019t include the name of the messenger or message content. In reaction to today\u2019s news, <a class=\"link \" href=\"https:\/\/bsky.app\/profile\/signal.org\/post\/3mk4krp33bk27\" data-i13n=\"cpos:6;pos:1\" rel=\"nofollow noopener\" target=\"_blank\" data-ylk=\"slk:Signal said on Bluesky;cpos:6;pos:1;elm:context_link;itc:0;sec:content-canvas\" data-yga=\"{&quot;yLinkPosition&quot;:&quot;6&quot;,&quot;yLinkElement&quot;:&quot;context_link&quot;,&quot;yPosition&quot;:&quot;1&quot;,&quot;yModuleName&quot;:&quot;content-canvas&quot;,&quot;yLinkText&quot;:&quot;Signal said on Bluesky&quot;,&quot;yHasCommerce&quot;:false}\">Signal said on Bluesky<\/a> that it is \u201cvery happy that today Apple issued a patch and a security advisory.\u201d<\/p>\n<p class=\"col-body mb-4 leading-7 text-[18px] md:leading-8 break-words min-w-0 charcoal-color\">The privacy of your notifications is vulnerable in at least two places, according to the EFF. In the cloud, where they get routed through a company&#8217;s servers and likely partially logged in metadata, and on the local storage of the phone where they&#8217;re received. Apple&#8217;s update should ideally make deleted notifications appropriately inaccessible, but limiting what&#8217;s actually visible in notifications in the first place is also worth considering.<\/p>\n<p class=\"col-body mb-4 leading-7 text-[18px] md:leading-8 break-words min-w-0 charcoal-color\">Update, April 22, 6:40PM ET: This story was updated after publish to include comment from Signal.<\/p>\n","protected":false},"excerpt":{"rendered":"Apple&#8217;s latest iOS update fixes a flaw in its notification database that made it possible for law enforcement&hellip;\n","protected":false},"author":2,"featured_media":242415,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[304,187823,187821,40247,2306,187822,187820,143856,164032,27462,86,56,54,55],"class_list":{"0":"post-545565","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-mobile","8":"tag-apple","9":"tag-electronic-frontier-foundation","10":"tag-latest-ios-update","11":"tag-law-enforcement-agencies","12":"tag-mobile","13":"tag-notification-data","14":"tag-notification-database","15":"tag-notifications","16":"tag-push-notifications","17":"tag-security-flaw","18":"tag-technology","19":"tag-uk","20":"tag-united-kingdom","21":"tag-unitedkingdom"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/posts\/545565","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/comments?post=545565"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/posts\/545565\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/media\/242415"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/media?parent=545565"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/categories?post=545565"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/uk\/wp-json\/wp\/v2\/tags?post=545565"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}