If You Have an Nvidia Graphics Card, Update Your Drivers Right Now

Nvidia has issued a security alert to its users for its display drivers. The older set of drivers had a major security problem which exposed users to denial of service (DoS) attacks and exposed their personal information to hackers.

The Vulnerability

This vulnerability arose from a bug in the drivers’ kernel mode layer handler component. The kernel mode would not synchronize shared data properly which could lead to glitches in the behavior of data – resulting in malicious attacks according to Nvidia’s security release.

[The driver] contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, may lead to denial of service, escalation of privileges or information disclosure.

The driver installation software also contained a high-risk security threat. The installer software incorrectly loads Windows system dynamic link libraries (DLLs) without validating their path or signature.

This exposed your system to attackers, allowing them to gain control of a directory on the DLL search path and placing a malicious copy of the DLL into the directory.

How to Fix it

Thankfully, all of these issues have been patched in Nvidia’s latest display drivers and the company is encouraging users to update their drivers as soon as possible.

If you’re using Nvidia products, such as one if its GTX or RTX based GPUs, make sure to double check that your drivers are up to date. The latest version of drivers that come with the fix is 430.64.

You can check the version of your display drivers by going into the Nvidia control panel and clicking on system information. Under the details window, it’ll show you the version of your display drivers.

If it’s not up to date, you can download the latest drivers through Nvidia’s website or through Geforce Experience if you have it installed.

  • close