NVIDIA recommends updating your graphics drivers to protect against five critical vulnerabilities

ByAdan Flannigan 2019-08-07 257

NVIDIA, the manufacturer of GeForce graphics cards, among others, strongly recommends users of their Windows cards to upgrade drivers or drivers to version 431.60, as they have detected five vulnerabilities that, if certain requirements and conditions are met, can cause havoc in some Windows computers, as they do not affect Linux.

 new drivers patch 

In addition to GeForce cards, NVIDIA's family of cards also includes Quadro and Tesla cards. For the former, the update is already available, and according to the company, installing it is the only way to mitigate vulnerabilities.

On the other hand, you have a Quadro or Tesla, you will have to wait until the weeks of August 19 and 12, respectively, to receive the patch. Some Quadro / NVS have already received updates 426.00 and 392.56, which mitigate the problems.

 new drivers patch 

What vulnerabilities the new drivers patch?

Of the five major vulnerabilities, three are considered to be of high severity, and two have medium severity. Even so, the company recognizes that this assessment is based on the average risk of the systems installed, and that it may not represent a real risk for all equipment.

This is the risk posed by each of them, in order of highest to lowest risk in the CVSS V3 scale of vulnerability assessment:

 new drivers patch

● CVE-2019-5683: Valuation 8.8 in CVSS V3. There is a failure in the controller's tracking logger to create links that the software fails to verify. This makes it possible to generate links that are not detestable by the system in the event of an attack, which would allow the execution of local code, denials of service and the achievement of escalation of privileges.

● CVE-2019-5684: Rating 7.8 in CVSS V3. The driver contains a vulnerability in DirectX drivers, in which a meticulously designed shader can cause access outside the input limits of the texture matrix. This can result in denial of service or code execution.

● CVE-2019-5685: Rating 7.8 in CVSS V3. Another vulnerability in DirectX drivers where a meticulously designed shader can cause access outside the input limits of the shader array, which can lead to denial of service or code execution.

● CVE-2019-5686 and CVE-2019-5687. Ratings of 5.6 and 5.2 respectively, the least strong vulnerabilities. They have to do with vulnerabilities in the kernel layer driver for DxgkDdiEscape, and both can cause denial of service or data filtering in different situations.

To install the necessary drivers, just go to the NVIDIA download website, enter your graphics card model, operating system version, driver type and download them manually, after which you will be able to install them. Another option is to search for them from the GeForce Experience. The assemblers can release updates through Windows Update, but may take some time to arrive.

 You may also want to read:
 Redmi Note 8 and Redmi Note 8 Pro are coming: latest news about their specs and release date
 Samsung Galaxy Tab S6 vs Samsung Galaxy Tab S5e vs Samsung Galaxy Tab S4: this is all that has changed
 Vivo Z5 to be released on July 31: here are confirmed specs and camera samples

Gearbest secure payment methods

Extensive Product Selection

● Over 300,000 products

● 20 different categories

● 15 local warehosues

● Multiple top brands

Convenient Payment

● Global payment options: Visa, MasterCard, American Express

● PayPal, Western Union and bank transfer are accepted

● Boleto Bancario via Ebanx (for Brazil)

Prompt Shipping

● Unregistered air mail

● Registered air mail

● Priority line

● Expedited shipping

Dedicated After-sales Service

● 45 day money back guarantee

● 365 day free repair warranty

● 7 day Dead on Arrival guarantee (DOA)

You might also like


Related Products