NVIDIA fixes high severity flaws in Windows display driver

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/nvidia-fixes-high-severity-flaws-in-windows-display-driver/

NVIDIA has released security updates to address high severity vulnerabilities in the Windows GPU display driver that could lead to code execution, escalation of privileges, information disclosure, and denial of service.
All GPU display driver bugs fixed by NVIDIA this month require local user access which means that attackers will need to first get a foothold on the systems to exploit these vulnerabilities. Once is achieved, they could take exploit them by remotely planting malicious tools or running code designed to target one of the fixed issues on devices running unpatched NVIDIA GPU drivers.
The security updates also fix high severity flaws in the NVIDIA Virtual GPU Manager which may lead to denial of service, code execution, and information disclosure when successfully exploited.

The full list of driver and software versions affected by these vulnerabilities can be found in the NVIDIA GPU Display Driver - September 2020 security bulletin.
NVIDIA urges customers to update their GeForce, Quadro, NVS, and Tesla GPU display drivers, as well as Virtual GPU Manager and guest driver software by applying security updates available via the NVIDIA Driver Downloads page.
The company says that some users may receive Windows GPU display driver 456.41, 452.11, and 446.29 versions from their computer hardware vendors also bundling the security updates released today. To find your NVIDIA GPU display driver's version you can follow the procedure detailed here.