Apple has released the new iOS 26.4.2 update that concerns iPhone and iPad users. This version fixes a security vulnerability that could allow push notifications that should have been deleted before to be retained on the device. The vulnerability in question allowed law enforcement officers to access these notifications in certain situations. According to the information in the update notes, Apple has rearranged the way notification data is processed in order to strengthen data privacy.
In the technical details shared by Apple, it is stated that the “improved data redaction” mechanism has been activated with iOS 26.4.2. This change addresses an issue where notifications marked for deletion unexpectedly remain on the device. Update; In addition to iPhone 11 and later models, iPad Pro 12.9 inch third generation and later, iPad Pro 11 inch first generation and later, iPad Air third generation and later, iPad eighth generation and later, and iPad mini fifth generation and later devices.
Storing notification data created controversy
The first findings about how the vulnerability is used in practice were revealed by 404 Media. The news stated that the FBI was able to access Signal notifications stored locally on the iPhone with the help of a specific tool, and that this data could also be accessed after the message was deleted. This situation raised a backdoor discussion that contradicts Apple’s approach, which requires a court order to share notification data since 2023.
Signal CEO Meredith Whitaker also stated in her statement on the subject that notifications of deleted messages should not remain in any operating system database. At the time, Whitaker suggested that users change their app settings to prevent the sender name and message content from appearing in notifications. In the evaluation made by Signal after the update was released, it was stated that they were pleased that Apple had released the necessary correction.
Electronic Frontier Foundation (EFF) points out that notification privacy may be at risk at two different points. The first of these is the server infrastructure to which notifications are directed; Here it may be possible to save at least partial metadata. The second point is the local storage area where notifications are stored on the device. The iOS 26.4.2 update aims to fix this second stage vulnerability.
However, it is also emphasized that system-level fixes alone may not be sufficient. Limiting what information is shown in notifications can help users create an additional layer of security. It is possible to hide sensitive content on the lock screen or turn it off completely through the settings in iOS. Such preferences offer a more controlled experience, especially for messaging applications.
In order not to miss the technology agenda, 📰 add it to Google News, 💬 join our WhatsApp channel, ▶ subscribe to YouTube, 📷 follow us on Instagram and 𝕏 X.