Security Experts:

NVIDIA to Fix Driver Exploit This Weekend

NVIDIA said that it would patch a driver exploit disclosed by a researcher on Christmas Day, which allows an attacker to gain super-user access to any desktop or laptop running the vulnerable software.

Last week, SecurityWeek covered the disclosure from Peter Winter-Smith, a researcher from the U.K., who published details about an interesting exploit he discovered within the NVIDIA Display Driver Service.

NVIDIA Driver Vulnerability

“The service listens on a named pipe (\pipe\nsvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability,” he Winter-Smith wrote

"The NVidia vulnerability identified by Peter Winter-Smith is a serious risk to any organization using these drivers on enterprise systems," HD Moore, CSO at Rapid7 and Chief Architect for Metasploit told SecurityWeek at the time. "The vulnerability allows a remote attacker with a valid domain account to gain super-user access to any desktop or laptop running the vulnerable service."

"This flaw also allows an attacker (or rogue user) with a low-privileged account to gain super-access to their own system, but the real risk to enterprises is the remote vector," Moore added.

An NVIDIA spokesperson told SecurityWeek that they will post a driver update this weekend to address the issue.

“NVIDIA takes security seriously and our plan is to post a driver update this weekend," NVIDIA said. "In the interim, to maintain a secure environment, we recommend use of firewalls or disabling Windows file sharing services, in addition to maintaining up-to-date anti-virus software, applying vendor supplied patches, and not running software from untrusted sources.”

The spokesperson said users should check geforce.com where its drivers are posted.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.