Follow ZDNET: Add us as a favorite source On Google.
ZDNET Highlights
- iOS 26.4.2 fixes a flaw that allows access to deleted text.
- The FBI exploited this flaw to recover messages from a Signal user.
- The patch should protect other messaging apps from this weakness.
Many people use the popular Signal app to send and receive encrypted text messages. As an added bonus, you can set all text to automatically disappear after a certain amount of time. But those protections don’t help that much if your device’s operating system has an inherent flaw. And that’s exactly what happened, and why Apple had to fix it.
On Wednesday, Apple released its latest small update for iOS (and iPadOS). Release Notes for iOS/iPadOS 26.4.2 Show only one vulnerability patched by the new version. Affecting the notification service on your iPhone or iPad, the note simply says: “Notifications marked for deletion may unexpectedly be retained on the device.”
Also: What is a signal? 7 features that make it a favorite app for private, secure messaging
As is sometimes the case with Apple update notes, the explanation raises more questions than it answers. However, the reason for the update lies in the Signal app itself and how the feds were able to bypass its security.
one in The federal trial that ended last monthSeveral individuals were charged and found guilty of setting off fireworks and causing property damage at an ICE detention facility. One of the defendants, Lynette Sharp, had used Signal on her iPhone and later deleted the app, 404 media (subscription required) reported earlier this month, citing people present at the trial.
How the FBI gained access to Signal messages
However, during the trial, an FBI agent testified that the agency was able to access Sharp’s incoming Signal messages because copies of their content were saved on her phone’s push notification database.
Normally, a message received through Signal triggers a push notification on your phone. Notifications alert you to the message and, by default, display the sender’s name and some of the message’s contents. In Signal, you can modify this option so that only the person’s name appears, or no name and no content.
Also: Apple’s iOS 26.4.1 update now enables stolen device protection by default – get it today
Apparently, Sharp had left the default Signal notification settings unchanged. This meant that the names and partial contents of the texts he received (but not the ones he sent) were still stored and accessible due to this iOS weakness. That weakness allowed the FBI to retrieve some of the messages he received on his phone.
A supporter of the defendants who was taking notes during the trial told 404 Media, “We discovered that specifically on iPhones, if one’s settings in the Signal app allow message notifications and previews to show on the lock screen, the iPhone will internally store those notifications/message previews in the device’s internal memory.”
Although Apple has not yet acknowledged the Signal incident as the cause of iOS 26.4.2, Signal was open about it. one in post on xSignal thanked Apple for the patch and specifically cited the FBI’s access to message notification content, even after the app was deleted.
No user action required
“Apple’s advisory has confirmed that the bugs that allowed this to happen have been fixed in the latest iOS release,” Signal said in its post. “Note that this fix does not require any action to protect Signal users on iOS. Once you install the patch, all notifications inadvertently protected will be removed, and no subsequent notifications for removed apps will be preserved. We are grateful to Apple for the quick action here, and for understanding aspects of this issue and taking action.”
Also: These warning signs could mean spyware is on your phone – and 9 ways to keep it safe
Although the patch has been rolled out in response to the Signal incident, the update will likely prevent the flaw from affecting other messaging apps. To get this latest update on your iPhone or iPad, go to Settings, select General, tap Software Update and then tap the button to Update Now. After the update is installed, restart your iPhone or iPad.
