Software & Apps

Apple patches security flaw in GarageBand 10.4.11 for macOS Sonoma, Ventura

Posted on by

On Tuesday, March 12, Apple released a security update for GarageBand for macOS Sonoma and macOS Ventura.

GarageBand is Apple’s free app for music creation. (Apple also sells Logic Pro for more advanced users.)

The release notes only state that GarageBand 10.4.11 “includes stability improvements and bug fixes and is recommended for all users.” Although Apple doesn’t mention the security patch there, there’s a separate document about it, linked from the Apple security releases page.

Following are the update’s security release notes:

GarageBand

Available for: macOS Ventura and macOS Sonoma

Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution

Description: A use-after-free issue was addressed with improved memory management.

CVE-2024-23300: Marc Schoenefeld, Dr. rer. nat.

To obtain the update:

  1. Click on the Apple menu in the top-left corner of your screen, then click App Store.
  2. Next, click Updates in the sidebar.
  3. If the GarageBand update doesn’t appear immediately, click on the Store menu and choose Reload Page.
  4. Finally, click on the Update button next to the app.

The Updates section of the Mac App Store. Image credit: Apple

How can I learn more?

We’ll discuss the GarageBand security update on episode 335 of the Intego Mac Podcast.

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: Follow Intego on X/Twitter Follow Intego on Facebook Follow Intego on YouTube Follow Intego on Pinterest Follow Intego on LinkedIn Follow Intego on Instagram Follow the Intego Mac Podcast on Apple Podcasts

About Joshua Long

Joshua Long (@theJoshMeister), Intego's Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple ID authentication vulnerability. Josh has conducted cybersecurity research for more than 25 years, which has often been featured by major news outlets worldwide. Look for more of Josh's articles at security.thejoshmeister.com and follow him on X/Twitter, LinkedIn, and Mastodon. View all posts by Joshua Long →