Graphics processor developers offer protection against vulnerabilities found on Windows and Linux systems
Nvidia, a company specializing in the
development of graphic processing units, has included an unusual feature in its
new releases: protection against eight vulnerabilities that could be used to
deploy some cyberattack variants, as mentioned by network
security and ethical hacking experts from the International Institute
of Cyber Security.
In a blog post, the company reported on its
decision to provide protection against the exploitation of some
vulnerabilities, which vary in scope. According to network security experts,
these vulnerabilities could allow malicious hackers to enable remote code
execution, escalation of privileges, and even generate denial of service (DDoS)
conditions. These vulnerabilities are found on Windows, Linux,
and Solaris operating systems.
One of the reported vulnerabilities, tracked as
CVE-2018-6260, allows attacks similar to the well-known Spectre and Meltdown,
mentioned experts in network security; however, this flaw has not been
considered critical because it is not exploitable remotely. According to
Nvidia, it is necessary to perform some additional actions to completely
correct this vulnerability in Windows and Linux operating systems.
All vulnerabilities have already been evaluated
according to the Common vulnerability Scoring System; while the vulnerabilities
considered minor received scores of 3/10, the most severe ones was scored with
8.8/10. The company mentions that there are no known ways to mitigate risks, so
it requires the new Nvidia drivers to correct the errors.
Nvidia emphasizes that it is very important to
install these versions, even without all the updates that invite people to
update their graphics configurations. These new drivers are available through
the Nvidia website.
