- NVIDIA released security updates for its GeForce, Quadro, Tesla, and NVS GPUs.
- The update patches a DoS/escalation of privileges flaw in the drivers.
- There are many effective solutions, including DIY methods, to a wide range of software flaws and issues. Check out the troubleshooting guides to figure out which one is right for you!
- To learn more about persistent cyber threats and their remedies, head on over to the Security & Privacy.
GeForce RTX may have just received a new game-ready driver with full DirectX 12 Ultimate support. But it’s also on the receiving end of an NVIDIA GPU drivers security patch.
It’s one of the NVIDIA graphics cards recently affected by a Denial of Service (DoS) vulnerability. Other GPUs whose drivers got a security update are Quadro, Tesla, and NVS.
NVIDIA GPU drivers security flaw
Security updates for NVIDIA GPU drivers are now available. You should consider downloading the patch if you use any of the affected GPUs on Windows and Linux.
While this is not a remote code execution threat, it’s severe enough to warrant fixing without delay. With one of the bugs, an attacker requires physical access to the target device to initiate the process of breaching the GPU’s firmware.
After initial access, they can deploy scripts that give them elevated access to protected system components or resources. Likewise, this could pave the way for a DoS attack.
NVIDIA GPU Display Driver contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges.
The latest fixes for NVIDIA GPU driver vulnerabilities come at a time when drivers and firmware are already an important cyber attack vector.
For example, researchers recently demonstrated the Thunderspy vulnerability in Thunderbolt firmware. Attackers can exploit it to spy on a system, steal data, or execute arbitrary code within the system kernel.
It may take more than just the typical antivirus software to detect and stop malware that exploits firmware or driver design flaws. For that reason, Microsoft has been proposing extra reinforcements with hardware-backed or secured core security.
In the meantime, the company just added a firmware scanner to the Microsoft Defender ATP security tool.
Any views or questions about common Windows 10 driver/firmware security flaws? Feel free to let us know via the comments section below.