Updated:06:28 AM EST Dec 15


this is ggmania.com subsite NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - TechAmok

TOP STORIES

HEADLINES

Elon Musk: Earlier Cybertruck Tests
AT&T Launching Low-Band 5G for Consumers in Coming Weeks
This Slow-Motion Crash Test Footage
7nm Intel Xe GPUs Codenamed 'Ponte Vecchio'
Windows 10 Nov 2019 Update 1909 Released
iPhone 11 Pro vs Original iPhone!
OZZY OSBOURNE - "Under the Graveyard"
NVIDIA Releases GeForce 441.12 WHQL Game Ready Drivers
Death Stranding Rick & Morty ad
2020 Mercedes-Maybach S 650 BRABUS 900 - Details
Slipknot - Psychosocial in 25 styles
No shots Dr. Vet man! I am fierce! Ok, one shot... But I didn't
PCI-Express Gen 6.0 Specification to Finalize by 2021
Greta Thunberg sings Swedish Death Metal
2 Hands 2 Drawings at the same Time - DP Truong
Naruto Running in Area 51
App vs website
Experiment: Coca Cola and Mentos Under Water

The best pics on the Internet #268
BEST NEWS BLOOPERS 2019
Dangerous tattoo remover from eBay is a MILLION watt laser
PC Game Deals
iOS 13.3 Bug Allows Kids To Bypass Parental Controls
Why you don't need blue light lenses: Hidden camera investigation
ASMR Xenomorph Attack
Jazz drummer reacts: Meshuggah-Clockworks (Tomas Haake)
AMD Announces the Radeon RX 5500 XT Graphics Card
AMD Releases Radeon Software Adrenalin 19.12.2 with RX 5500 XT
iOS 13.3 Brings New Parental Controls, Supports Physical Security
Google Assistant Gains Real-Time Translation for 44 Languages
What Is The Most Expensive Thing In The World?
Netflix's The Witcher final trailer
Free Wastelands 2 (GOG.com)
AMD Radeon Software Adrenalin 2020 Driver Update, Boost &
Apple sues former chip designer for breach of contract
How to Extend Your Windows 7 Security Updates Past January 2020

NVIDIA Issues Warning to Upgrade Drivers Due to Security Patches - [briefly]
05:35 AM EDT - Aug,05 2019 - post a comment

NVIDIA has found a total of five security vulnerabilities with its Windows drivers for GeForce, Quadro and Tesla lineup of graphics cards. These new security risks are labeled as very dangerous and have the potential to cause local code execution, denial of service, or escalation of privileges, unless the system is updated. Users are advised to update their Windows drivers as soon as possible in order to stay secure and avoid all of these vulnerabilities, so be sure to check your drivers for latest version. Exploits are only accessible on Windows based OSes, starting from Windows 7 to Windows 10.

However, one fact that is easing this situation is that in order to exploit a system, attacker must have local access to the machine that is running NVIDIA GPU, as remote exploit can not happen. Bellow are the tables provided by NVIDIA that show type of exploit along with rating it carries and which driver versions are affected. There are no mitigations for this exploit, as driver update is the only available solution to secure the system.

he vulnerabilities are rated using CVSS V3 base scoring system and they are arranged as following:
  • CVE-2019-5683 - Most dangerous of all the vulnerabilities. This exploits uses driver's trace logger weakness to create hard links, that software does not check. Attacker could create any link without getting warned by the system and force local code execution, denial of service or escalation of privileges. Rated with a score of 8.8.
  • CVE-2019-5684 - Vulnerability which uses carefully crafted shaders in order to cause out of bounds access to input texture array, possibly leading to denial of service or code execution. Rated with a score of 7.8
  • CVE-2019-5685 - Vulnerability which also uses carefully crafted shaders in order to cause out of bounds access to shader local temporary array, possibly leading to denial of service or code execution as well. Rated with a score of 7.8
  • CVE-2019-5686 - Vulnerability hidden in kernel mode layer handler for DxgkDdiEscape, which uses different data structures and DirectX API functions that are not always valid, leading to denial of service if the API function or data structure is incorrect. Rated with a score of 5.6.
  • CVE-2019-5687 - Least dangerous exploit of all five. It is also a problem in kernel model layer handler for DxgkDdiEscape, which may put system at risk if incorrect default permissions are used for an object. This can lead to information disclosure or denial of service. Rated with a score of 5.2.

Short overview of recent news articles

Dec,10 2019 Google Upgrades Call Screening and More on Pixels
Dec,10 2019 NVIDIA Releases GeForce 441.66 WHQL Game Ready Drivers
Dec,09 2019 Intel Claims i5-9600KF Better than 3800X, i3-9350KF Better than
Dec,07 2019 Free Guy - Official Trailer
Dec,06 2019 Users on Winidows 10 version 1809 are starting to be moved to 1909
Dec,06 2019 Super Trofeo [4K]
Dec,06 2019 "YOU SHALL NOT PASS" in different languages
Dec,06 2019 Sexy blonde swimming underwater in pool very
Dec,06 2019 Netflix's The Witcher fight scene clip
Dec,06 2019 YouTube Rewind 2019: For the Record
Dec,06 2019 The iPhone 11's U1 chip necessitates constant geolocation checks
Dec,05 2019 Disney's Mulan - Official Trailer
Dec,05 2019 Visualization Of How Rich The Billionaires In 2019
Dec,05 2019 Qualcomm's First Snapdragon with Integrated 5G is the 765
Dec,05 2019 Zombie Driver HD for Free
Dec,04 2019 Apple issues fix for shutdown issue with the 2019 13-inch MacBook
Dec,04 2019 Instagram will now ask for your birthday when creating an account
Dec,04 2019 New Iranian wiper (malware) discovered
Dec,04 2019 Marvel Studios' Black Widow --Official Teaser Trailer
Dec,03 2019 Qualcomm Teases Its Next Two 5G Chipsets
Dec,03 2019 US Phones Will Report Vertical Location to 911 Dispatchers by 2021
Dec,03 2019 Metro by T-Mobile Launching Nationwide 5G Dec. 6th
Dec,03 2019 AMD Releases Radeon Software Adrenalin 19.12.1 Drivers
Dec,02 2019 AMD Radeon RX 5500 To Launch Come Dec 12th
Dec,02 2019 Never Surrender: A Galaxy Quest Documentary - Official Trailer
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs