silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,154
NVIDIA released a security update for the Windows NVIDIA GeForce Experience (GFE) app to address vulnerabilities that could enable attackers to execute arbitrary code, escalate privileges, gain access to sensitive info, or trigger a denial of service (DoS) state on systems running unpatched software.
NVIDIA GFE is a companion utility for GeForce GTX graphics cards that "keeps your drivers up to date, automatically optimizes your game settings, and gives you the easiest way to share your greatest gaming moments with friends" according to NVIDIA,
While these flaws require attackers to have local user access and cannot be exploited remotely, they can still be abused using malicious tools deployed on systems running vulnerable NVIDIA GFE versions.
Additionally, attacks that would exploit these bugs are of low complexity according to NVIDIA, while also requiring low privileges, and need no user interaction.
NVIDIA patches high severity GeForce Experience vulnerabilities
NVIDIA released a security update for the Windows NVIDIA GeForce Experience (GFE) app to address vulnerabilities that could enable attackers to execute arbitrary code, escalate privileges, gain access to sensitive info, or trigger a denial of service (DoS) state on systems running unpatched...
www.bleepingcomputer.com
NVIDIA Support
nvidia.custhelp.com