Apple just fixed an iOS flaw exploited by the FBI - here's what happened

Tech Home Tech Services & Software Operating Systems Mobile OS iOS Apple just fixed an iOS flaw exploited by the FBI - here's what happened The latest iOS 26.4.2 update resolves a vulnerability that allowed the FBI to retrieve deleted text messages from a user's Signal app. Written by Lance Whitney, ContributorContributor April 23, 2026 at 9:29 a.m. PT

Follow ZDNET: Add us as a preferred source on Google.

ZDNET's key takeaways

• iOS 26.4.2 fixes a flaw that allowed access to deleted texts.
• The FBI exploited this flaw to recover messages from a Signal user.
• The patch should protect other messaging apps from this weakness.

Many people use the popular Signal app to send and receive encrypted text messages. As an added bonus, you can set all texts to automatically disappear after a certain amount of time. But those protections don't help as much if there's an underlying flaw in your device's operating system. And that's exactly what happened, and why Apple had to fix it.

On Wednesday, Apple released its latest minor update for iOS (and iPadOS). The release notes for iOS/iPadOS 26.4.2 show only one vulnerability patched by the new version. Impacting the notifications service on your iPhone or iPad, the note simply says: "Notifications marked for deletion could be unexpectedly retained on the device."

Also: What is Signal? 7 features that make it a go-to app for private, secure messaging

As is sometimes the case with Apple update notes, the explanation raises more questions than it answers. However, the reason for the update lies in the Signal app itself and in how the feds were able to skirt its security.

In a federal trial that concluded last month, several individuals were charged with and found guilty of setting off fireworks and vandalizing property at an ICE detention facility. One of the defendants, Lynette Sharp, had used Signal on her iPhone and later deleted the app, 404 Media (subscription required) reported earlier this month, citing people present at the trial.

How the FBI accessed Signal messages

During the trial, however, an FBI agent testified that the agency was able to access Sharp's incoming Signal messages because copies of their content had been saved on her phone's push notification database.

Normally, a message received via Signal triggers a push notification on your phone. The notification alerts you to the message and, by default, displays the name of the sender and shows some of the message content. In Signal, you can modify this option so that only the person's name appears, or that no name and no content appear.

Also: Apple's iOS 26.4.1 update enables Stolen Device Protection by default now - grab it today

Apparently, Sharp had left the default Signal notification settings unchanged. That meant the names and partial contents of texts she received (but not those she had sent) were still stored and accessible due to this iOS weakness. That weakness allowed the FBI to retrieve certain texts she had received on her phone.

"We learned that specifically on iPhones, if one's settings in the Signal app allow for message notifications and previews to show up on the lock screen, the iPhone will internally store those notifications/message previews in the internal memory of the device," a supporter of the defendants who was taking notes during the trial told 404 Media.

Though Apple has so far not acknowledged the Signal incident as the reason for iOS 26.4.2, Signal was open about it. In a post on X, Signal thanked Apple for the patch and specifically cited the FBI's access to message notification content even though the app had been deleted.

No user action required

"Apple's advisory confirmed that the bugs that allowed this to happen have been fixed in the latest iOS release," Signal said in its post. "Note that no action is needed for this fix to protect Signal users on iOS. Once you install the patch, all inadvertently preserved notifications will be deleted, and no forthcoming notifications will be preserved for deleted applications. We're grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue."

Also: These warning signs could mean spyware is on your phone - and 9 ways to keep it secure

Though the patch may have been rolled out in response to the Signal incident, the update will presumably prevent the flaw from affecting other messaging apps. To get this latest update on your iPhone or iPad, head to Settings, select General, tap Software Updates, and then tap the button to update now. After the update is installed, restart your iPhone or iPad.

Security

Your Android phone's most powerful security feature is off by default and hidden - turn it on ASAP As ransomware recedes, a new more dangerous digital parasite rises Your PC's critical security certificates may be about to expire - how to check How to lock down your iPhone to the extreme - so even the FBI can't get in

• Your Android phone's most powerful security feature is off by default and hidden - turn it on ASAP
• As ransomware recedes, a new more dangerous digital parasite rises
• Your PC's critical security certificates may be about to expire - how to check
• How to lock down your iPhone to the extreme - so even the FBI can't get in

Editorial standards Show Comments Log In to Comment Community Guidelines

Related

T-Mobile is practically giving away the Apple Watch Series 11 - here's how to get one

Lenovo vs. Dell: My buying advice after testing dozens of laptops from both

This Motorola phone deal comes with free Bluetooth trackers and earbuds - how it works