|
|
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - TechAmok
NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - [briefly]
05:35 AM EDT - Aug,05 2019 - (1 comments) NVIDIA has found a total of five security vulnerabilities with its Windows drivers for GeForce, Quadro and Tesla lineup of graphics cards. These new security risks are labeled as very dangerous and have the potential to cause local code execution, denial of service, or escalation of privileges, unless the system is updated. Users are advised to update their Windows drivers as soon as possible in order to stay secure and avoid all of these vulnerabilities, so be sure to check your drivers for latest version. Exploits are only accessible on Windows based OSes, starting from Windows 7 to Windows 10.
However, one fact that is easing this situation is that in order to exploit a system, attacker must have local access to the machine that is running NVIDIA GPU, as remote exploit can not happen. Bellow are the tables provided by NVIDIA that show type of exploit along with rating it carries and which driver versions are affected. There are no mitigations for this exploit, as driver update is the only available solution to secure the system.
he vulnerabilities are rated using CVSS V3 base scoring system and they are arranged as following:- CVE-2019-5683 - Most dangerous of all the vulnerabilities. This exploits uses driver's trace logger weakness to create hard links, that software does not check. Attacker could create any link without getting warned by the system and force local code execution, denial of service or escalation of privileges. Rated with a score of 8.8.
- CVE-2019-5684 - Vulnerability which uses carefully crafted shaders in order to cause out of bounds access to input texture array, possibly leading to denial of service or code execution. Rated with a score of 7.8
- CVE-2019-5685 - Vulnerability which also uses carefully crafted shaders in order to cause out of bounds access to shader local temporary array, possibly leading to denial of service or code execution as well. Rated with a score of 7.8
- CVE-2019-5686 - Vulnerability hidden in kernel mode layer handler for DxgkDdiEscape, which uses different data structures and DirectX API functions that are not always valid, leading to denial of service if the API function or data structure is incorrect. Rated with a score of 5.6.
- CVE-2019-5687 - Least dangerous exploit of all five. It is also a problem in kernel model layer handler for DxgkDdiEscape, which may put system at risk if incorrect default permissions are used for an object. This can lead to information disclosure or denial of service. Rated with a score of 5.2.
|
|
| (04:54 PM EDT - May,28 2020) - JoseLHarris | NVIDIA Issues Warning to Upgrade Drivers Due to Security and this warning are good for their safety. I want to find the best places that help me knowing about these happenings. I want to find more information from the https://www.bestwritingservicecanada.com/rush-essay-review/ and it is a great platform for all of us. |
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
|
Mar,03 2026 Google Drops Massive Android Security Patch: Fixes 129 Flaws Mar,02 2026 Apple Unveils iPhone 17e: MagSafe, A19 Chip, and Double Storage at Mar,02 2026 NVIDIA GeForce 595.71 WHQL Driver Mar,02 2026 Russian-Linked APT28 Exploits Zero-Day in Legacy MSHTML Engine to Mar,02 2026 Honor Unveils Mind-Blowing Robot Phone with Dancing Camera at MWC Mar,02 2026 Resident Evil 9 Requiem - Bonus DLC Mar,01 2026 Microsoft's Copilot Discord Server Locked Amid 'Microslop' Spam Mar,01 2026 Anghami CEO Open-Sources Powerful Real-Time Global War Monitor Mar,01 2026 Chinese Developers Unleash Blazing-Fast Android AI Agent with Mar,01 2026 Claude Surges to #1 on App Store as ChatGPT Faces Boycott Backlash Feb,28 2026 Google Reveals Key New Features of Android 17 Feb,28 2026 OLED Gaming Monitors Are Finally Affordable Feb,28 2026 OpenAI's KYC Partner Exposed in Surveillance Scandal as ChatGPT Feb,28 2026 Pentagon Blacklists Anthropic Over AI Safeguards; OpenAI Secures Feb,27 2026 Have RAM and GPU Prices Peaked? Feb,27 2026 Zoom 'Update' Trap: Fake Site Infects 1,437 Users with Spyware in Feb,27 2026 Stop WASTING Money on Fancy RAM Feb,27 2026 Drunk AI robot Feb,26 2026 AirSnitch Exposes Critical Flaw: Wi-Fi Client Isolation Broken in Feb,26 2026 Revolutionary Ultrasonic Knife Hits Kitchens: C-200 Vibrates for Feb,26 2026 Apple Scores Historic NATO Security Clearance: iPhone and iPad First Feb,26 2026 Kali Linux Goes AI-Powered: Claude Now Runs Your Pen Tests in Plain Feb,26 2026 Resident Evil Requiem - Stunning on PS5 Pro + PS5/Xbox Series X|S Feb,26 2026 Samsung Galaxy S26 Ultra Flexes Hardware Muscle Over iPhone 17 Pro Feb,26 2026 The Galaxy S26 Ultra has a 'wow' feature with video Lock Feb,26 2026 I built the most BORING PC possible... and here is why it's Feb,26 2026 Micron Blasts GDDR7 as Gaming Bottleneck While Nvidia's RTX 50 Feb,26 2026 UK Tightens Grip on Streaming Giants: Age Verification Now Mandatory Feb,25 2026 Samsung Previews New AI Features Ahead of Flagship Phone Launch Feb,25 2026 China's DeepSeek Bars Nvidia and AMD from New AI Model, Boosts Feb,25 2026 Avast Impersonation Scam: Fake Site Tricks Users into Handing Over Feb,25 2026 Microsoft Pulls the Plug: Windows Server 2016 and 2016-Era Windows Feb,25 2026 I Scrapped 13 MACHINES to Prove a Point: STOP BUYING These Brands! Feb,25 2026 How Stealthy was the 7zip Malware and how to spot it? Feb,25 2026 Microsoft Drops Fresh Non-Security Boost for Windows 11 24H2 and Feb,24 2026 Game-Changer: ASML's 1kW EUV Upgrade Promises 50% Chip Production Feb,24 2026 This Outstanding Cooling Technology Might Have No Future Feb,24 2026 AMD Strix Halo 395 vs Intel Panther Lake - Real Benchmarks Feb,24 2026 Anthropic published a blog post saying Claude can modernize COBOL Feb,24 2026 WhatsApp Goes Beyond 2FA: Extra Password Layer Makes Accounts Nearly
>> News Archive <<
| |
|
