Nvidia repairs serious security flaws in its geforce controllers

Nvidia has recently released a patch for its GeForce drivers for Windows due to serious security vulnerabilities that could allow denial of service attacks and / or gain administrator privileges, thus compromising the entire system.

Nvidia repairs serious security flaws and recommends installing GeForce version 430.64

Quadro and Tesla GPUs are affected, too, but not all have received a patch, and many won't until May 13-20.

The “CVE-2019-5675” security problem, the most serious of the three, is due to a hole in the core of one of the controller components. Basically, the kernel is a very important part of the driver that has special privileges on the information that you can access and modify. Due to a problem in which the controller does not "properly sync shared data" (data between the controller and other parts of the system), a hacker or malware program could theoretically gain control of a system, attacking a system with denial service or collect data with relative ease.

Visit our guide on the best graphics cards on the market

Because the driver does not check whether certain files are validated in Windows (bug "CVE-2019-5676"), an attacker could replace the DLL files and mislead the system or user into believing they are legitimate and thereby activating some type attack or cheat. Since DLLs are often automatically executed as part of programs, a user or the system may never know that a DLL is actually malware in disguise. The third and final vulnerability, "CVE-2019-5677", is also capable of offering denial of service attacks thanks to another core failure.

As with most patches, it is highly recommended that you install these latest drivers, which on Windows is GeForce version 430.64.

Tomshardware font