HomeWinBuzzer NewsNvidia Warns Windows Users to Update GPU Drivers to Ward Off Sever...

Nvidia Warns Windows Users to Update GPU Drivers to Ward Off Sever Flaw

Nvidia says security patches are now available for Windows PC users to protect them from five flaws, including one deemed high severity.

-

GPU giants has cautioned users to patch their Windows PCs with new security updates that focus on fixing a specific high-severity vulnerability. Furthermore, the patches deal with four other flaws that could be exploited.

Several flaws in Nvidia GPU driver technology could give bad actors the ability to create denial of service attacks and escalate their privileges. It is worth noting, the flaws are deemed high severity although users will need to have local access to the machine.

Nvidia talks of one of the bugs that it seems the most problematic with a severity rating of 8.8 out of 10 despite the need for local access. The flaw causes problems in a component that logs trace levels of the video driver.

“When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges,” Nvidia explains.

Nvidia says driver updates are needed across its Quadro, GeForce, NVS, and Tesla services on PCs.

More Vulnerabilities

Nvidia also discusses four less severe flaws that are part of security fixes in its latest GPU updates:

“Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.

Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.

GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service.

Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor, which may lead to information disclosure or denial of service.”

SourceNvidia
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News