NVIDIA recommends updating your graphics drivers to protect against five critical vulnerabilities
By Adan Flannigan 2019-08-07 248 0
In addition to GeForce cards, NVIDIA's family of cards also includes Quadro and Tesla cards. For the former, the update is already available, and according to the company, installing it is the only way to mitigate vulnerabilities.
On the other hand, you have a Quadro or Tesla, you will have to wait until the weeks of August 19 and 12, respectively, to receive the patch. Some Quadro / NVS have already received updates 426.00 and 392.56, which mitigate the problems.
What vulnerabilities the new drivers patch？
Of the five major vulnerabilities, three are considered to be of high severity, and two have medium severity. Even so, the company recognizes that this assessment is based on the average risk of the systems installed, and that it may not represent a real risk for all equipment.
This is the risk posed by each of them, in order of highest to lowest risk in the CVSS V3 scale of vulnerability assessment:
● CVE-2019-5683: Valuation 8.8 in CVSS V3. There is a failure in the controller's tracking logger to create links that the software fails to verify. This makes it possible to generate links that are not detestable by the system in the event of an attack, which would allow the execution of local code, denials of service and the achievement of escalation of privileges.
● CVE-2019-5684: Rating 7.8 in CVSS V3. The driver contains a vulnerability in DirectX drivers, in which a meticulously designed shader can cause access outside the input limits of the texture matrix. This can result in denial of service or code execution.
● CVE-2019-5685: Rating 7.8 in CVSS V3. Another vulnerability in DirectX drivers where a meticulously designed shader can cause access outside the input limits of the shader array, which can lead to denial of service or code execution.
● CVE-2019-5686 and CVE-2019-5687. Ratings of 5.6 and 5.2 respectively, the least strong vulnerabilities. They have to do with vulnerabilities in the kernel layer driver for DxgkDdiEscape, and both can cause denial of service or data filtering in different situations.
To install the necessary drivers, just go to the NVIDIA download website, enter your graphics card model, operating system version, driver type and download them manually, after which you will be able to install them. Another option is to search for them from the GeForce Experience. The assemblers can release updates through Windows Update, but may take some time to arrive.
● Over 300,000 products
● 20 different categories
● 15 local warehosues
● Multiple top brands
● Global payment options: Visa, MasterCard, American Express
● PayPal, Western Union and bank transfer are accepted
● Boleto Bancario via Ebanx (for Brazil)
● Unregistered air mail
● Registered air mail
● Priority line
● Expedited shipping
● 45 day money back guarantee
● 365 day free repair warranty
● 7 day Dead on Arrival guarantee (DOA)
2018-06-06By GB Blog Official
2020-04-02By Joe Horner
2018-09-14By GB Blog Official
2019-09-20By Joe Horner
2019-10-11By Joe Horner
2019-12-10By Joe Horner