Nvidia releases driver update to fix security exploit

Nvidia releases driver update to fix security exploit

Summary: Nvidia has released a new set of driver updates to patch up a security flaw found within the Nvidia Display Driver service.

SHARE:
TOPICS: Hardware, Security
5

Nvidia has quietly released a new set of drivers to patch up a security flaw found within the Display Driver service, which came to light via a U.K.-based researcher on Christmas day.

nvidia graphics card driver update security flaw patch exploit

If you happen to be an owner of a GeForce graphics processing unit (GPU), then the quiet release of the latest GeForce-based drivers is certainly worth a quick download.

On Saturday, the firm made the new WHQL-certified graphics drivers -- version 310.90 -- available. The release notes say that the file "adds a security update for the NVIDIA Display Driver service (nvvsvc.exe)." However, it does not mention the fact that U.K. researcher Peter Winter-Smith discovered a flaw in December which makes the display driver service vulnerable to buffer overflow and code injection attacks. In other words, the security flaw could potentially be used by a remote attacker with a domain account to gain access to a system running older drivers.

In addition to killing off the security flaw, the driver update also comes complete with a number of bug fixes and performance enhancements for some gaming titles. New 3D Vision profiles have been added, and faster performance will improve a number of PC games including Call of Duty: Black Ops 2 and Assassin's Creed III.

The download is available at the firm's website.

Fixing the security exploit and improving the performance of gaming through the release comes alongside Nvidia's presence at 2013's Consumer Electronics Show, where the company has debuted a new Android-powered gaming console dubbed Project Shield, as wel as the Tegra 4 quad-core mobile processor.

Topics: Hardware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • wow really?

    I have been using 3.10 on Ubuntu for about 2 weeks now.
    slickjim
  • This security flaw is only locally exploitable

    “In other words, the security flaw could potentially be used by a remote attacker with a domain account to gain access to a system running older drivers”.

    That is incorrect. The security researcher stated the following about the exploit:

    “I still believe that this issue wasn't particularly severe. The fact that it was discovered in a big name vendor's software probably explains the unexpected level of attention it ended up receiving,” Winter-Smith said. “I released the original exploit since (I felt) there was something fairly elegant in the way the vulnerability lent itself to allowing a bypass of the three major operating-system based anti-exploit mechanisms in play today, rather than for any expected media attention.”

    In addition, the flaw is only locally and not remotely exploitable. For further information on this exploit and its patch, please see the following links:

    http://threatpost.com/en_us/blogs/nvidia-hacker-confirms-security-update-clears-driver-zero-day-010713

    http://threatpost.com/en_us/blogs/nvidia-display-driver-service-attack-escalates-privileges-windows-machines-122712

    I hope this helps. Thank you.
    JimboC421
    • The flaw is remotely exploitable.

      Jimbo, the flaw *is* remotely exploitable as Charlie states within a domain context; your information regarding this is inaccurate. The exploitability in a domain context is documented in the OSVDB (http://osvdb.org/88745), and mentioned in the researcher's original pastebin entry (http://www.anonpaste.me/anonpaste2/index.php?7d9084b36b95d57e#LEVd4vMjqQlGzfip5uveBNezuKqIG3vulNwpOr5rUf4), "any logged on user
      or remote user in a domain context (Windows firewall/file sharing
      permitting) should be able to exploit this vulnerability".
      JakeWatson
      • Point Taken

        Hi Jake,

        Thanks for the additional info. I stand corrected. Apologies for my confusion.
        JimboC421
    • I stopped using my windows box a few weeks ago

      Due to (I think) this exploit. It was with windows 8 64 bit. Before the advisory. I have packet sniffs. I think that this exploit was used in conjunction with others to gain remote access and control. I think I was also spearfished via email. I think that these exploits are deliberately included as a 'feature' of the driver, a deniable one, to facilitate espionage. I think that if script kiddies are doing it then they are stooges for the real culprits. You know who they are.
      walkerjian@...