Apple GarageBand strikes a sour note – security update released

GarageBand
Apple’s GarageBand is a program that comes bundled with all Mac computers, allowing users to create their own music and podcasts.

It’s a pretty neat program, and the latest version even includes video tutorials from the likes of Sting, Norah Jones and Sara Bareilles to help you learn how to play different songs.

So far, so safe. But now a security issue has popped its head up.

If you go to the GarageBand support download page you’ll see that there’s a new version of GarageBand out, version 5.1. Apple says that GarageBand 5.1 “addresses general compatibility issues, improves overall stability, and fixes a number of other minor issues.”

Sign up to our free newsletter.
Security news, advice, and tips.

GarageBand update page fails to mention security issue

What they have been a little shy about mentioning on that page, however, is that a security update has been sneaked in alongside the other improvements to the product.

It appears that GarageBand could change the security preferences on the Safari web browser to allow cookies to be accepted from all sites rather than “Only from sites I visit”. That could mean that you were no longer blocking third-party cookies that advertisers can use to track your activity online.

Apple GarageBand security advisory

If you’re a user of GarageBand I would recommend you update to version 5.1 either directly from Apple’s website or via Software Update.

Make sure, if you have run previous versions of GarageBand in the past, that you confirm Safari’s settings are now set as you want them – not how earlier versions of GarageBand thought they should be.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.