Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

NVIDIA to Fix Driver Exploit This Weekend

NVIDIA said that it would patch a driver exploit disclosed by a researcher on Christmas Day, which allows an attacker to gain super-user access to any desktop or laptop running the vulnerable software.

NVIDIA said that it would patch a driver exploit disclosed by a researcher on Christmas Day, which allows an attacker to gain super-user access to any desktop or laptop running the vulnerable software.

Last week, SecurityWeek covered the disclosure from Peter Winter-Smith, a researcher from the U.K., who published details about an interesting exploit he discovered within the NVIDIA Display Driver Service.

NVIDIA Driver Vulnerability

“The service listens on a named pipe (pipensvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability,” he Winter-Smith wrote

“The NVidia vulnerability identified by Peter Winter-Smith is a serious risk to any organization using these drivers on enterprise systems,” HD Moore, CSO at Rapid7 and Chief Architect for Metasploit told SecurityWeek at the time. “The vulnerability allows a remote attacker with a valid domain account to gain super-user access to any desktop or laptop running the vulnerable service.”

“This flaw also allows an attacker (or rogue user) with a low-privileged account to gain super-access to their own system, but the real risk to enterprises is the remote vector,” Moore added.

An NVIDIA spokesperson told SecurityWeek that they will post a driver update this weekend to address the issue.

“NVIDIA takes security seriously and our plan is to post a driver update this weekend,” NVIDIA said. “In the interim, to maintain a secure environment, we recommend use of firewalls or disabling Windows file sharing services, in addition to maintaining up-to-date anti-virus software, applying vendor supplied patches, and not running software from untrusted sources.”

The spokesperson said users should check geforce.com where its drivers are posted.

Written By

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Vulnerabilities

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.