Windows users with Nvidia graphics cards should update their display drivers immediately to resolve several problematic (and potentially crash-causing) errors.
Nvidia is new Security bulletin outlines thirteen major vulnerabilities; Five are related to Nvidia’s display drivers and eight are included in Nvidia’s vGPU software. While all thirteen pose serious threats, the five display driver errors pose the greatest risk for regular users as they affect all Windows and Linux PCs with an Nvidia GPU.
- CVE-2021-1074: 7.5 CVSS Rating. Allows local attackers with physical access to your PC to tamper with the Nvidia installer. The attack could use this vulnerability to execute malicious code, steal your data, or perform a denial of service attack.
- CVE-2021-1075: 7.3 CVSS rating. A memory issue in Nvidia’s Windows display driver that leaves your PC open to various malware attacks and remote access.
- CVE-2021-1076: 6.6 CVSS rating. An issue in Windows and Linux drivers that could allow hackers to access, steal, and / or damage your PC’s data, and use denial-of-service attacks.
- CVE-2021-1077: 6.6 CVSS rating. Another problem in Windows and Linux drivers that can be used to launch denial-of-service attacks.
- CVE-2021-1078: 5.5 CVSS rating. A problem in the Windows drivers that can lead to sudden PC crashes.
Nvidia released an emergency patch last week to address these vulnerabilities. You can download the updated drivers from the GeForce Experience app or simply download the installation file from Nvidia’s download page.
Of the eight vGPU software errors, four are fatal and have a CVSS rating of 7.8. The others range from 5.1 to 7.5 CVSS threat levels. They allow several possible outcomes, such as: B. Attacks on privilege escalation, arbitrary code execution, information disclosure, data manipulation, denial-of-service attacks, memory corruption and much more. These are serious threats too, but only affect those who license Nvidia’s vGPU software.
G / O Media can receive a commission
[TechRadar]
