Apple Fixes iOS Notification Bug Exposing Deleted Messages
Apple patches iOS flaw that retained deleted notifications, exposing message data
Notifications can signal security events, policy changes, and required responses, helping organizations detect incidents and manage cyber risk.
Search across headline titles and summaries.
Background for this topic.
Notification in information security is the delivery of an alert about a security event, required action, system change, or confirmed incident. Notifications may target security teams, administrators, users, regulators, or affected individuals and can use email, messaging, phone, or monitoring dashboards. The term covers both automated technical alerts and formal communications about incidents or privacy impact.
Notifications support detection and incident response by directing people to investigate, contain, or remediate a problem. Their security depends on trustworthy event sources, authenticated delivery channels, clear severity and ownership, and records showing when messages were sent and acknowledged. Attackers may spoof alerts, interfere with delivery, or exploit exposed notification content; poorly tuned systems can also create alert overload that obscures important events. Notifications involving personal data should disclose only necessary information, while external incident notices must meet applicable legal deadlines and accurately describe known effects without overstating unconfirmed facts.
Apple patches iOS flaw that retained deleted notifications, exposing message data
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device
Apple has released out-of-band security updates for iPhone and iPad devices to fix a Notification Services flaw that could allow notifications marked for deletion to remain stored on the device. [...]