Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

NVIDIA to Fix Driver Exploit This Weekend

NVIDIA said that it would patch a driver exploit disclosed by a researcher on Christmas Day, which allows an attacker to gain super-user access to any desktop or laptop running the vulnerable software.

NVIDIA said that it would patch a driver exploit disclosed by a researcher on Christmas Day, which allows an attacker to gain super-user access to any desktop or laptop running the vulnerable software.

Last week, SecurityWeek covered the disclosure from Peter Winter-Smith, a researcher from the U.K., who published details about an interesting exploit he discovered within the NVIDIA Display Driver Service.

NVIDIA Driver Vulnerability

“The service listens on a named pipe (pipensvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability,” he Winter-Smith wrote

“The NVidia vulnerability identified by Peter Winter-Smith is a serious risk to any organization using these drivers on enterprise systems,” HD Moore, CSO at Rapid7 and Chief Architect for Metasploit told SecurityWeek at the time. “The vulnerability allows a remote attacker with a valid domain account to gain super-user access to any desktop or laptop running the vulnerable service.”

“This flaw also allows an attacker (or rogue user) with a low-privileged account to gain super-access to their own system, but the real risk to enterprises is the remote vector,” Moore added.

An NVIDIA spokesperson told SecurityWeek that they will post a driver update this weekend to address the issue.

“NVIDIA takes security seriously and our plan is to post a driver update this weekend,” NVIDIA said. “In the interim, to maintain a secure environment, we recommend use of firewalls or disabling Windows file sharing services, in addition to maintaining up-to-date anti-virus software, applying vendor supplied patches, and not running software from untrusted sources.”

The spokesperson said users should check geforce.com where its drivers are posted.

Advertisement. Scroll to continue reading.
Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.