The Nvidia security flaw affecting Windows and Linux devices exposes these two operating systems to potential cyber-attacks. These security risks could have allowed escalation of privileges on Windows and Linux devices if the developers did not patch them.
Nvidia security vulnerabilities patched
Nvidia had recently processed a large-scale patch when they encountered flaws that were found in the GPU display drivers of the respective Operating Systems and the Nvidia Virtual GPU management software.
The experts found six total vulnerabilities in the display drivers and ten total when counting the vGPU management software’s security flaws.
The unpatched systems could be hit with the Denial of Service attack. As the name suggests, a DOS attack stops the system from properly functioning or denying it from performing it’s actions by saturating it with requests.
These vulnerabilities could also lead to a Privilege Escalation attack. This allows an attacker who gained access to your system to elevate their level of privileges, which in turn gives them more access to your system. Eventually they can do anything they wish from there.
The solution is simple. The Nvidia driver downloads page is providing the latest security page for these issues. Those who have an Nvidia GPU can download the update from there.
Users might also need to update their antivirus system that could detect and destroy potentially harmful security threats. You can download a good antivirus program online, and while I don’t recommend any one brand over another, I do suggest you stay away from free anti-virus solutions. You can watch my YouTube video for more information on why.
Some might have an issue with manually updating the patch. For that, Nvidia has developed security patches that would come along with Windows GPU display driver versions 460.84, 452.66, and 457.66.
Those currently using the Enterprise version may have to update Nvidia’s vGPU software through Nvidia Licensing Center. They need to sign in to the Enterprise Application Hub of Nvidia that would redirect them to the latest updates.
In addition to this, Nvidia also was troubleshooting the problems happening inside all of the display drivers and their respective software. Only three threats titled CVE-2021-1052, CVE-2021-1053, and CVE-2021-1056 are yet to be fixed. The following vulnerabilities could have an impact on the Linux GPU Display Driver for Tesla GPUs. Nvidia claims they will fix these problems soon.
Users who are interested in seeing the complete security risk details documented by Nvidia can see the January 2021 Security Bulletin of the company.