Urgent security warning: NVIDIA urges GeForce users to update drivers

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

Welcome, ! User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes

Mark Thread UnreadFlat Reading Mode ❐

Urgent security warning: NVIDIA urges GeForce users to update drivers

Author Post Essentials Only Full Version
Cool GTX EVGA Forum Moderator Total Posts : 30995 Reward points : 0 Joined: 2010/12/12 14:22:25 Location: Folding for the Greater Good Status: offline Ribbons : 123 2024/11/08 03:50:06 (permalink) Urgent security warning: NVIDIA urges GeForce users to update drivers – Eight critical vulnerabilities discovered 5. November 2024 06:00 Samir Bashir (Excerpt) Details of the security vulnerabilities The identified vulnerabilities affect both the NVIDIA GPU Display Driver and the NVIDIA VGPU software. These driver components control the display and management of graphical content on Windows and Linux systems. The vulnerabilities may allow an attacker with elevated privileges to execute malicious code or gain access to sensitive data. Possible attack scenarios include code execution, denial of service, escalation of privileges and information theft. The risk is rated between 7.1 and 8.2 on the CVSS scale, underlining the severity of the threat. Affected driver versions and recommended updates (formatting changed from article & bold added for clarity) To minimize the risk, NVIDIA has provided updated driver versions that close the vulnerabilities. The recommended versions vary depending on the operating system and GPU model. - Windows users using GeForce, RTX, Quadro or NVS GPUs should update to versions 566.03, 553.24 or 538.95. - Versions 553.24 and 538.95 are intended for NVIDIA Tesla GPUs. - Linux users should install versions 565.57.01, 550.127.05 or 535.216.01, depending on the GPU model, to ensure that the gaps are closed. Risk for users without an update Ignoring these updates could leave systems open to attack. Particularly dangerous is the potential escalation of privileges, which opens up a wide range of manipulation possibilities for attackers. The vulnerabilities in the previous drivers offer attackers the opportunity to gain full access to a system and compromise personal data or influence system behavior. Especially in corporate environments that rely on professional GPUs such as Quadro and Tesla, unclosed security gaps can have serious consequences. ----------------- ( end excerpt) ---------------- Time to plug some more security holes Also posted & Pinned this information, in the GPU Sections Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members I am a Volunteer Moderator - not an EVGA employee **Older RIG projects RTX Project Nibbler** When someone does not use reason to reach their conclusion in the first place; you can't use reason to convince them otherwise! #1 0 Replies Related Threads

Author

Post

Essentials Only Full Version

Cool GTX

EVGA Forum Moderator

Total Posts : 30995
Reward points : 0
Joined: 2010/12/12 14:22:25
Location: Folding for the Greater Good
Status: offline
Ribbons : 123

2024/11/08 03:50:06 (permalink)

Urgent security warning: NVIDIA urges GeForce users to update drivers – Eight critical vulnerabilities discovered
5. November 2024 06:00
Samir Bashir

(Excerpt)

Details of the security vulnerabilities

The identified vulnerabilities affect both the NVIDIA GPU Display Driver and the NVIDIA VGPU software. These driver components control the display and management of graphical content on Windows and Linux systems. The vulnerabilities may allow an attacker with elevated privileges to execute malicious code or gain access to sensitive data. Possible attack scenarios include code execution, denial of service, escalation of privileges and information theft. The risk is rated between 7.1 and 8.2 on the CVSS scale, underlining the severity of the threat.

Affected driver versions and recommended updates

(formatting changed from article & bold added for clarity)

To minimize the risk, NVIDIA has provided updated driver versions that close the vulnerabilities. The recommended versions vary depending on the operating system and GPU model.

- Windows users using GeForce, RTX, Quadro or NVS GPUs should update to versions 566.03, 553.24 or 538.95.

- Versions 553.24 and 538.95 are intended for NVIDIA Tesla GPUs.

- Linux users should install versions 565.57.01, 550.127.05 or 535.216.01, depending on the GPU model, to ensure that the gaps are closed.

Risk for users without an update

Ignoring these updates could leave systems open to attack. Particularly dangerous is the potential escalation of privileges, which opens up a wide range of manipulation possibilities for attackers. The vulnerabilities in the previous drivers offer attackers the opportunity to gain full access to a system and compromise personal data or influence system behavior. Especially in corporate environments that rely on professional GPUs such as Quadro and Tesla, unclosed security gaps can have serious consequences.

----------------- ( end excerpt) ----------------
Time to plug some more security holes

Also posted & Pinned this information, in the GPU Sections

Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members

I am a Volunteer Moderator - not an EVGA employee

Older RIG projects RTX Project Nibbler

When someone does not use reason to reach their conclusion in the first place; you can't use reason to convince them otherwise!

0 Replies Related Threads

Jump to: