Skip to main content
  1. Home
  2. Computing
  3. Gaming
  4. News

An Nvidia vulnerability has been found. It’s time to update your drivers

Add as a preferred source on Google
Nvidia RTX 2060 Super and RTX 2070 Super review
Dan Baker/Digital Trends

Just this month, Nvidia posted a security bulletin on its site alerting consumers that GPUs in its GeForce, Quadro, and Tesla product lines were all affected by serious vulnerabilities. The vulnerabilities range in severity, but get as dangerous as local code execution and privilege escalation, and can be found in all versions of numerous driver tracks that the company provides for its hardware.

Notably, this includes the R430 line that powers the GeForce GPUs. While Nvidia has since issued new patched versions of all of its GeForce and many of its Quadro drivers, patches for some of its Quadro and Tesla drivers have not been released, and in some cases won’t be ready for two weeks.

Recommended Videos

The revelation of these substantial security flaws comes at an exceptionally awkward time for the GPU manufacturer, as it has just released its GeForce RTX Super line of graphics cards to capitalize on the post-E3 gaming excitement. Considering that concern for local privilege escalation vulnerabilities is often taken less seriously than more menacing remote code execution vulnerabilities due to the comparatively limited attack vector, gamers may not think to download and install a patch to their freshly purchased RTX Super GPU.

These security holes also coincide with a recent disappointing showing against AMD. After AMD successfully tricked Nvidia into sabotaging its own RTX Super release with a less-than-competitive price point, marketing gleaming new GPUs with high-severity vulnerabilities right out of the gate surely feels like getting salt in its wound.

One saving grace for Nvidia is that some hardware manufacturers may bundle the driver update as part of larger system updates, but users should definitely not count on this.

As things currently stand, a local code execution bug combined with a privilege execution bug can leave unpatched devices open to physical attacks in which a malicious actor gains physical access to a device to give themselves administrator privileges and run arbitrary code. This kind of attack is not out of the question, as many of the devices containing vulnerable Nvidia graphics cards are used by creatives who may or may not have robust security models, or may be using publicly accessible devices like those in libraries or gaming lounges. Regardless, any consumer with affected hardware should download and run the patch installers Nvidia has provided (or will soon provide, for those that are not yet available) as soon as possible.

Jonathan Terrasi
Former Digital Trends Contributor
Jonathan has studiously followed trends in technology, particularly in information security and digital privacy, since 2014…
This app gives your Mac a music player you’ll actually enjoy using
Apple Music on the Mac is a chore. Liqoria is the fix, and it plays nice with Spotify and YouTube too.
Liqoria music player

The Apple Music app on the Mac is not up to the mark. I don’t like how it looks or behaves, and Apple should take some inspiration from Spotify to make the app more modern and useful. Until that happens, we are stuck with a subpar app experience.

That’s why I never use the Apple Music app on my Mac and rely on third-party apps that let me control music. Today I am featuring one of the latest apps I discovered. It’s called Liqoria, and it’s probably the only music player app you will ever need.

Read more
Anthropic is giving away Claude Fable 5 at no extra cost for a limited time
You can try Claude Fable 5 for free - but don't wait too long
Electronics, Mobile Phone, Phone

Anthropic is making it a little easier for paying subscribers to try its newest AI model without spending extra money. The company has announced a limited-time promotion that gives users on eligible paid plans access to Claude Fable 5 at no additional cost until July 19, 2026. There's a catch, though: the model isn't completely unlimited, and once you hit a usage threshold, you'll either need to start paying or switch to another Claude model.

The promotion comes as competition in the AI assistant market continues to intensify. OpenAI, Google, Microsoft and Anthropic are all racing to get users onto their latest flagship models, often using free trials or promotional access to encourage adoption. Rather than offering unlimited access, Anthropic is betting that giving subscribers enough time to experience Fable 5's capabilities will convince many to continue using it after the promotion ends.

Read more
Scammers are now cloning trusted news websites to steal your money
Breaking news: That breaking news probably isn't breaking news
Scammers are turning trusted news brands into investment traps

Seeing a story on the website of a trusted news organisation is usually enough to lower your guard. Cybercriminals know that, and they're increasingly exploiting the credibility of major publishers to steal money from unsuspecting readers. The latest example involves fake Guardian articles featuring billionaire Jim Ratcliffe. Still, the scam is part of a much larger campaign that's also impersonating the BBC and other well-known media outlets.

According to The Guardian, fraudsters are creating convincing clones of legitimate news websites and filling them with fabricated stories designed to lure readers into bogus cryptocurrency and investment schemes. Instead of trying to hack victims directly, the scammers first convince them they're reading real journalism.

Read more