Skip to main content

An Nvidia vulnerability has been found. It’s time to update your drivers

Nvidia RTX 2060 Super and RTX 2070 Super review
Dan Baker/Digital Trends

Just this month, Nvidia posted a security bulletin on its site alerting consumers that GPUs in its GeForce, Quadro, and Tesla product lines were all affected by serious vulnerabilities. The vulnerabilities range in severity, but get as dangerous as local code execution and privilege escalation, and can be found in all versions of numerous driver tracks that the company provides for its hardware.

Notably, this includes the R430 line that powers the GeForce GPUs. While Nvidia has since issued new patched versions of all of its GeForce and many of its Quadro drivers, patches for some of its Quadro and Tesla drivers have not been released, and in some cases won’t be ready for two weeks.

Recommended Videos

The revelation of these substantial security flaws comes at an exceptionally awkward time for the GPU manufacturer, as it has just released its GeForce RTX Super line of graphics cards to capitalize on the post-E3 gaming excitement. Considering that concern for local privilege escalation vulnerabilities is often taken less seriously than more menacing remote code execution vulnerabilities due to the comparatively limited attack vector, gamers may not think to download and install a patch to their freshly purchased RTX Super GPU.

These security holes also coincide with a recent disappointing showing against AMD. After AMD successfully tricked Nvidia into sabotaging its own RTX Super release with a less-than-competitive price point, marketing gleaming new GPUs with high-severity vulnerabilities right out of the gate surely feels like getting salt in its wound.

One saving grace for Nvidia is that some hardware manufacturers may bundle the driver update as part of larger system updates, but users should definitely not count on this.

As things currently stand, a local code execution bug combined with a privilege execution bug can leave unpatched devices open to physical attacks in which a malicious actor gains physical access to a device to give themselves administrator privileges and run arbitrary code. This kind of attack is not out of the question, as many of the devices containing vulnerable Nvidia graphics cards are used by creatives who may or may not have robust security models, or may be using publicly accessible devices like those in libraries or gaming lounges. Regardless, any consumer with affected hardware should download and run the patch installers Nvidia has provided (or will soon provide, for those that are not yet available) as soon as possible.

Jonathan Terrasi
Former Digital Trends Contributor
Jonathan has studiously followed trends in technology, particularly in information security and digital privacy, since 2014…
Nvidia just fixed a major issue with its GPUs
The Nvidia RTX 4080 Super on a pink background.

If you've been unhappy with the performance of your graphics card lately, you might want to check out Nvidia's latest beta driver. This is a hotfix driver, which is pretty unusual for Nvidia, but it can be helpful if you've been dealing with micro-stuttering, both in games and on the desktop. The update addresses four issues in total, but to get it, you'll have to dig a little deeper than the standard path of updating your drivers.

Nvidia typically bundles bug fixes with its usual Game Ready drivers, as urgent hotfixes tend to be few and far between. However, this time, Nvidia chose not to wait any longer and pushed four updates for its GPU range. The new driver version, 551.46, may fix annoying stuttering issues.

Read more
Why it’s a surprisingly good time to buy a GPU right now
AMD RX 7800 XT and RX 7700 XT graphics cards.

Getting a good deal on a GPU is all about timing. Buy at the wrong time, and you'll end up overpaying.

But I have good news for you. I've been closely monitoring GPU prices as we move through the final quarter of the year, and I'm seeing some really solid deals out there, with many of the best graphics cards coming in under their retail price. If you've been thinking of buying a graphics card, now is turning out to be a surprisingly good time.
Why is now the time to buy a GPU?

Read more
Nvidia’s DLSS 3.5 update flips ray tracing on its head
Cyberpunk 2077 running on the Samsung Odyssey OLED G8.

Nvidia introduced its Deep Learning Super Sampling 3 (DLSS 3) not too long ago, but the feature is already getting a major update. DLSS 3.5 will launch this fall, seemingly alongside Cyberpunk 2077: Phantom Liberty, and it adds something totally new to Nvidia's storied RTX feature.

Ray Reconstruction is what's new. At a high level, Ray Reconstruction enables greater levels of ray tracing quality without hurting your performance (in some cases, it can even improve performance). Nvidia is billing this as an image quality improvement over traditional ray tracing methods, not as a way to improve performance, however.

Read more