Nvidia patches a whole host of GPU driver security bugs
Patch covers over 34 different vulnerabilities
Nvidia has patched a host of bugs impacting its GPU Display Driver, addressing issues that may have led to "code execution, denial of service, escalation of privileges, information disclosure, or data tampering".
The security bulletin addressed 29 vulnerabilities in total, ranging widely in severity, which could see hardware such as its flagship GeForce and RTX line of graphics cards, and the NVIDIA Studio platform be used as vulnerable endpoints by cyber criminals.
The latest update comes as Nvidia is still displaying obvious dominance within the GPU world; Nvidia had a very significant 88% of the GPU market in Q3, compared to just 8% for AMD and 4% for Intel according to Jon Peddie Research (JPR).
What were the biggest risks?
The largest issue identified was dubbed CVE‑2022‑34669 and given a rating of 8.8. This contained a vulnerability in the user mode layer, where an unprivileged regular user could access or modify system files or other files that are critical to the application.
Coming in second place with a ranking of 8.5 was CVE‑2022‑34671, another example of a vulnerability in the user mode layer where an unprivileged regular user could cause what's called an "out-of-bounds write".
To avoid these types of security issues and protect your system, NVIDIA suggests downloading and installing software updates via the official NVIDIA Driver Downloads page.
Or alternatively, for the vGPU software and NVIDIA Cloud Gaming updates, you can head to the NVIDIA Licensing Portal.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
- Here's our list of the best workstations right now
Via The Register
Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.