Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
NVIDIA Fixes High Severity Flaw in Windows GPU Display Driver
#1
Quote:NVIDIA has released a GPU display driver security update today, February 28, 2020, that fixes high and medium severity vulnerabilities that might lead to code execution, local escalation of privileges, information disclosure, and denial of service on unpatched Windows computers.

All GPU display driver security flaws patched today by NVIDIA require local user access which means that attackers will not be able to exploit them remotely but, instead, will need to first get a foothold on the system to execute exploit code targeting one the fixed bugs.

While these security flaws require would-be attackers to have local user access, they can also be abused via malicious tools remotely dropped on systems running vulnerable NVIDIA GPU display drivers.


Today's security updates also fix one high severity and two medium severity flaws in the NVIDIA Virtual GPU Manager and the NVIDIA vGPU graphics driver for guest OS that could lead to denial of service states when triggered.

Windows driver security issues
The two GPU display driver issues come with CVSS V3 base scores ranging from 6.7 to 8.4 and impact Windows machines, while the three NVIDIA vGPU software bugs have severity ratings between 5.5 and 7.8.

By abusing these security issues, attackers can easily escalate their privileges without needing user interaction to gain permissions above the ones initially granted by the compromised systems.

The bugs could also allow them to render unpatched machines temporarily unusable by triggering denial of service states, to execute malicious code, or to access sensitive information on targeted systems.

The software security issues fixed by NVIDIA as part of the February 2020 security update are listed in the table below, with full descriptions and CVSS V3 base scores.

Continue reading HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Firefox 98.0.2 fixes a crash on Windows, an add-ons issue, and more Mohammad.Poorya 0 1,761 03-23-2022 , 03:09 PM
Last Post: Mohammad.Poorya
  AMD confirms its Windows driver was at the mercy of hackers due to a dozen security mrtrout 0 812 11-14-2021 , 11:58 PM
Last Post: mrtrout
  Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock Mohammad.Poorya 0 1,206 04-21-2021 , 07:08 PM
Last Post: Mohammad.Poorya
  NVIDIA fixes high severity flaws affecting Windows, Linux devices tarekma7 0 1,061 01-09-2021 , 05:28 PM
Last Post: tarekma7
  Google Chrome fixes antivirus 'file locking' bug on Windows 10 mrtrout 0 1,266 01-04-2021 , 04:11 AM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)