Nvidia's Latest GeForce Experience Update Patches 'High-Severity' Security Vulnerability
Update now to protect yourself.
Nvidia has issued a security bulletin and an update to fix a "high-severity" security flaw in its GeForce Experience software, which keeps drivers updates and helps pick the best settings for games based on your hardware. This comes not long after the last round of security patches from Nvidia, which also affected GeForce Experience.
The security flaw, CVE‑2019‑5702, presents an opportunity for local attackers to cause a Denial of Service system state when GameStream is running (albeit in the background), but also to override system privileges on any installation with GeForce Experience with a version number prior to 3.20.2, giving the attacker control over the PC.
This requires someone to have physical access to the PC, so systems aren't at threatened by remote attacks. Nevertheless, Nvidia has stated that the vulnerability is of 'low complexity', meaning that it doesn't require much user interaction in order to be exploited. However, that if you were to accidentally open a file or program that taps into the vulnerability yourself, it could open you up to remote attacks.
Due to this ease of abuse, Nvidia has classified the vulnerability as 'high severity', and you should immediately download the patch.
To fix the flaw, simply download the latest version of GeForce Experience from Nvidia's website and proceed through the installation.
Stay On the Cutting Edge: Get the Tom's Hardware Newsletter
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
Niels Broekhuijsen is a Contributing Writer for Tom's Hardware US. He reviews cases, water cooling and pc builds.
-
Kridian I'm wondering if I need to let NVidia gobble up more processes by using this crap to get my Control Panel working again?Reply