Apple Releases OS 26.4.1 to Fix CloudKit Syncing Bug

Originally published at: Apple Releases OS 26.4.1 to Fix CloudKit Syncing Bug - TidBITS

Apple has released iOS 26.4.1 and iPadOS 26.4.1, saying only that they provide bug fixes. There are also no security fixes listed. However, in the Apple Developer Forums discussion of the iCloud syncing problems in iOS 26.4, multiple developers confirm that iOS 26.4.1 addresses the issue we covered in “iOS 26.4 CloudKit Bug Disrupts iCloud Sync, Fix Coming” (6 April 2026).

In addition, the iOS 26.4.1 and iPadOS 26.4.1 Enterprise release notes now say, “Stolen Device Protection will be automatically enabled on devices that update from iOS 26.4 to iOS 26.4.1.” Although TidBITS readers Alan Forkosh and Doug Miller reported exactly that when they updated, I explicitly turned off Stolen Device Protection before updating to iOS 26.4.1 and confirmed that it was still off afterward. Nor did I see the screen they mentioned, so your mileage may vary. (He says, while updating this article at an interim slow ChargePoint charger in Pottsville, PA, due to mileage estimates on my Hyundai IONIQ 5 not quite living up to their initial promise; see “Living with Digital Key 2 on the Hyundai IONIQ 5,” 6 April 2026.)

After I published the initial version of this article, Apple released macOS 26.4.1 Tahoe with the same “This update provides bug fixes for your Mac” release note. Given that the code is shared across Apple’s operating systems, it seems likely that it received the CloudKit change as well, even if it wasn’t affecting Macs. The macOS 26.4.1 Enterprise release notes also say that it “Resolved an issue where MacBook Air with M5 and MacBook Pro with M5 Pro or M5 Max failed to join 802.1X Wi-Fi networks while using content filter extensions.”

If you’re running any version of iOS 26 or iPadOS 26, I’d recommend waiting a day or two before updating to 26.4.1, giving time for any unexpected problems to surface. The same goes for any version of macOS 26. That said, if iCloud sync issues in OS 26.4 are affecting you, update now. As yet, there are no 26.4.1 updates for watchOS, tvOS, and visionOS.

On a separate note, Apple, would it kill you to acknowledge the actual bug in the release notes? Something like, “Fixes an issue where data synced by iCloud may not appear immediately.”

I installed iOS 26.4.1 on my iPhone today. It told me about Stolen Device Protection and turned it on. I didn’t see an option not to turn it on. Since I didn’t want it on, I turned it off via Settings.

So, if you don’t want Stolen Device Protection, check your settings after installing 26.4.1

I tested this explicitly with my update, turning Stolen Device Protection off before I installed, and checking immediately afterward, where it remained off. So it’s worth checking, but not a universal issue.

An anecdotal note that I had read that 26.4 was reportedly going to enable Stolen Device Protection by default. It did not switch my phone from off to on when I installed it, but with the 26.4.1 update I was presented with a screen after the update explaining the feature and it was, in fact, turned on for me as well. So far I am leaving it on - I have only been burned by this once since the feature was adopted, and that was when I went to an Apple Store appointment to replace a battery in an iPhone and I had forgotten to turn off SDP when I left home. The Apple Store was kind enough to let me roam the mall and come back in an hour to drop off the phone for battery repair.

Adam asked, "Apple, would it kill you to acknowledge the actual bug in the release notes? "…
Oh I am so behind you on that one! I mean, ok, for “security” reasons aka miscreants can exploit bugs that haven’t been addressed. But Apple seems to dumb us down that a blanket statement like, “various bug fixes”. Well? Maybe we have those and would be grateful to know what was or wasn’t fixed. Right?

Its like my peeve with the App store. App updates will just note, “we’ve fixed some bugs and made user experience improvements”. Really? Or Youtube’s app update will have some poorly worded humor like, “We’ve cleared some pipes and made some adjustments to the various tubes”. WTF? Are we 9 years old?

Security through obscuring you. Maybe its fixed. Maybe not yet. Shhhh.

It’s a pet peeve of mine, too. Even the developers’ release notes are over-simplified, and there hasn’t been anything specific published about 26.4.1 yet.

Well, I’d say Google has a long history of child-like product names, graphics, and communications. For example, “Honeycomb”, “Ice Cream Sandwich”, and “Jellybean” were all official names for successive versions of Android.

A variation on this is the repeated use of the same “humorous” update note. A language-learning app I use, Memrise, never changes its “irreverent” explanation of updates. Boring!