As we headed into the weekend, Nvidia posted a security bulletin alerting GeForce, NVS, Quadro, and Tesla GPU owners that its latest drivers address a handful of issues that attackers could leverage if left unpatched. As a precaution, you should probably go ahead and install the latest driver package for your GPU.
I say "probably" because the actual threats are not likely to be exploited, at least for the average user. As Bleeping Computer points out, they all require local access. Nevertheless, there are five security updates in all, three of which have "high" severity ratings.
"Nvidia has released a software security update for the Nvidia GPU display driver. This update addresses issues that may lead to local code execution, denial of service, or escalation of privileges," Nvidia says.
The most severe of the five has a base score of 8.8 (you can read about how these things are scored here). Second on the list is another highly rated vulnerability (7.8), in which a specially crafted shader could ultimately lead to a DoS attack or unauthorized code execution.
As it pertains to GeForce owners, all of the security issues are addressed starting with the 431.60 driver release, which launched two weeks ago with optimizations for Wolfenstein: Youngblood and Madden NFL 20.
However, Nvidia has since released a hotfix driver (v431.68) to address an issue where the "mouse cursor may render incorrectly after exiting a game." As such, if you have not already updated to the 431.60 release, you may want to skip ahead to the hotfix release.
If you are not sure which driver you have installed, right-click your desktop and select Nvidia Control Panel, then click the System Information in the lower-left corner. This will bring up a window that, among other things, lets you know your current driver version.
Go here to download the latest GeForce driver, or here to skip to the hotfix.
