This article discloses the latest security vulnerabilities in NVIDIA drives. Now NVIDIA urges Windows users to download and install the available software updates through the NVIDIA driver download pages. Want to learn more information? Please continue to read the MiniTool Partition Wizard's news report.
Five Vulnerabilities Founded in NVIDIA GPU Display Driver
Nvidia recently found a few severe vulnerabilities in its display driver that need fixing. It is said that there are at least five security vulnerabilities that have been found in the NVIDIA GeForce, NVS, Quadro and Tesla graphics processing unit (GPU) display drivers for Windows. Nvidia noted that in a bulletin on its website.
You can check out the five vulnerabilities one by one here.
- CVE‑2019‑5683:“NVIDIA Windows GPU Display Driver contains a vulnerability in the user mode video driver trace logger component. When an attacker has access to the system and creates a hard link, the software does not check for hard link attacks. This behavior may lead to code execution, denial of service, or escalation of privileges.”
- CVE‑2019‑5684:“NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.”
- CVE‑2019‑5685:“NVIDIA Windows GPU Display Driver contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.”
- CVE‑2019‑5686:“NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service.”
- CVE‑2019‑5687:“NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor, which may lead to information disclosure or denial of service.
Among them, three of these are rated as high severity and, unless updated, can lead to a denial of service attack and the escalation of privileges, allowing an attacker to execute malware on your Windows computer.
All vulnerabilities impact Windows systems, including Windows 7, Windows 8, Windows 8.1 and Windows 10. And the highest severity vulnerability is in the user mode video driver trace logger component of the Windows GPU display driver.
You can check out this article to backup important files on your Windows PC in advance.
Are you looking for a free backup software? The partition manager MiniTool Partition Wizard is able to backup partition or backup disk in just a few clicks.
If a threat actor has access to the system, the "hard link attack" can be enabled, resulting in code execution, privilege escalation and denial of service.
According to NVIDIA, the NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. And NVIDIA also recommends users to consult a security or IT professional to evaluate the risk to your specific configuration.
Update Your Nvidia Drivers Right Now
NVIDIA has released a software security update for the NVIDIA GPU Display Driver, which addresses issues that may lead to local code execution, denial of service, or escalation of privileges. You can download and install available software updates via the Nvidia Driver Downloads page. Go and get the newest Nvidia drivers updates right now.
Your computer hardware vendor may provide you with Windows driver version 431.23, 425.85, or 412.39 which also contains the security update.
Updating your drivers as soon as possible is strongly recommended to protect your systems from whatever level of risk applies. Low-risk scenarios are still risk scenarios, which should be mitigated to maintain the integrity of the system.
According to Softpedia News reports, Windows 10 users need to remember that there are two update packages available. And to see what executable is OK for your configuration, you can locate the Driver Type under the System Information menu in the NVIDIA Control Panel. You can update your Nvidia drivers Windows 10 and fix the critical vulnerabilities right now!
Nvidia Corporation is also commonly referred to as Nvidia (stylized as NVIDIA). It is an American technology company which specializes in the design of Graphics Processing Units (GPUs) that are used in computers.
Its primary GPU product line, labeled GeForce, is in direct competition with Advanced Micro Devices (AMD) Radeon products. And it expanded its influence in the gaming industry with its handheld Shield Portable, Shield Tablet and Shield Android TV.
Now Nvidia is known as a market leader in the design of GPUs for the gaming market, as well as system on chips for the mobile computing and automotive markets.