Apple has patched a vulnerability that the FBI used to extract portions of incoming messages, even after they and their corresponding app had been deleted.
The iOS/iPadOS 26.4.2 update, released on Thursday (AEDT) – along with iOS/iPadOS 18.7.8 for older devices – fixes a bug that meant “notifications marked for deletion could be unexpectedly retained on the device”, Apple said in its release notes.
The company, which did not reply to a request for comment, has not confirmed what prompted it to address the vulnerability, but it was reported earlier this month that the FBI had used forensic tools to extract deleted Signal messages from someone’s iPhone.
Preview cache revived deleted Signal messages
The FBI’s use of the content-recovery technique was aired in a trial that convicted nine Antifa protesters for crimes related to a 2025 riot outside of a Texas Immigration and Customs Enforcement (ICE) facility, during which a police officer was non-fatally shot.
Supporters of the defendants who took notes at the trial published summaries of the exhibits, including Special Agent Clark Wiethorn’s testimony describing how the FBI extracted a witness’s communications with one of the accused.
“Messages were recovered from [the] phone through Apple’s internal notification storage — Signal had been removed, but incoming notifications were preserved in internal memory,” Wiethorn reportedly said.
Following a 404 Media report sourced from interviews with the attendees, Signal president Meredith Whittaker said the platform “asked Apple to address” the bug, saying in a post on X that “notifications for deleted messages shouldn't remain in any OS notification database.”
“In the meantime, you can prevent any preview text from your Signal messages from appearing in your notifications,” she said.
“Signal Settings > Notifications > Show No Name or Content”.
Signal said it was “very happy” that Apple had now fixed the bug, writing in a statement on Thursday, “We’re grateful to Apple for the quick action here, and for understanding and acting on the stakes of this kind of issue.
“It takes an ecosystem to preserve the fundamental human right to private communication.”
We are very happy that today Apple issued a patch and a security advisory. This comes following @404mediaco reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted.
Apple’s advisory confirmed that the bugs that allowed this to…
— Signal (@signalapp) April 22, 2026
Notification snooping persists
US anti-surveillance group Electronic Frontier Foundation (EFF) said that Apple’s bug fix only “addressed part of the issue”.
EFF security and privacy activist Thorin Klosowski said in a blog post prior to Apple’s software update that, in addition to physical extraction, law enforcement could remotely spy on users over the channels that deliver notifications from an app’s servers to users’ phones.
“It might seem like push notifications come directly from an app, but they are typically routed through either Apple or Google’s servers first,” he said.
“The content of those notifications may be visible to Apple and Google, and at the very least the companies collect some metadata about what apps send a notification and when.”
Apps are not required to end-to-end encrypt sensitive plaintext in notifications, and a 2024 peer-reviewed study confirmed Skype, Discord, WeChat and JusTalk had “leaked the actual message content” over Google’s push token service.
Klosowski told Information Age that “at the very least, app developers should start thinking about this more deeply on their end, and consider implementing solutions similar to Signal’s workarounds.”
Whittaker has previously said that Signal’s “notifications are processed entirely on your device”, that its notification payloads cannot “reveal the contents of any Signal messages”, and its push tokens – which contain the non-content delivery information – “don't reveal who sent the message or who is calling (not to Apple, Google, or anyone).”
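For developers weighing Klosowski's advice, the following added example (not from Apple, Signal or the EFF) audits an outgoing Apple Push Notification service payload for message text that would travel through the push provider and appear in the notification on the device. The sample payloads, the custom keys `preview` and `ciphertext`, and the "contains a space" heuristic are assumptions made for illustration.

```python
import json

TEXT_FIELDS = ("title", "subtitle", "body")  # aps.alert keys shown verbatim

def audit_apns_payload(raw: str) -> list[str]:
    """List the places where a push payload carries readable message text."""
    payload = json.loads(raw)
    alert = payload.get("aps", {}).get("alert")
    findings = []
    if isinstance(alert, str) and alert.strip():
        findings.append("aps.alert: plaintext string")
    elif isinstance(alert, dict):
        for field in TEXT_FIELDS:
            value = alert.get(field)
            if isinstance(value, str) and value.strip():
                findings.append(f"aps.alert.{field}: plaintext")
        # Localisation arguments are substituted into the displayed text.
        if alert.get("loc-args") or alert.get("title-loc-args"):
            findings.append("aps.alert loc-args: caller-supplied text")
    # Heuristic (assumption): a custom string containing spaces is readable
    # text rather than ciphertext or an opaque identifier.
    for key, value in payload.items():
        if key != "aps" and isinstance(value, str) and " " in value.strip():
            findings.append(f"{key}: custom string that looks like readable text")
    return findings

# Constructed sample payloads (not captured from any real app).
LEAKY = '{"aps": {"alert": {"title": "Alice", "body": "Meet at 6pm"}}, "preview": "Meet at 6pm"}'
WAKE_ONLY = '{"aps": {"content-available": 1}}'
OPAQUE = '{"aps": {"alert": {"loc-key": "NEW_MESSAGE"}, "mutable-content": 1}, "ciphertext": "q83vEjRWeJA="}'

if __name__ == "__main__":
    for name, raw in (("LEAKY", LEAKY), ("WAKE_ONLY", WAKE_ONLY), ("OPAQUE", OPAQUE)):
        print(name, audit_apns_payload(raw))
```

A payload that passes this check can still expose metadata such as which app sent a notification and when, as the EFF notes.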
Apple has complied with 958 of 1,408 law enforcement requests for 4,462 push tokens globally in the past four years, including one from Australia.
Extraction provider posted bug in 2022
Prague-based company Compelson – which has said its device-hacking platform MOBILedit Forensic is “utilised by the FBI” – published instructions on exploiting Apple’s message retention vulnerability four years ago.
MOBILedit Forensic’s “user guide” says “application-specific notifications gathered from iOS devices include notifications that are no longer active and can contain otherwise unobtainable information such as emails and messages from applications that haven't been stored in databases.”
“A jailbreak is required to get more notification data such as, title, source, subtitle, message, timestamp, URL links & pictures.”
The guide also notes that the exploit would only work on iPhones, because Google’s Android is configured to delete notification data when the corresponding app data or app is removed.