Graphics processor developers offer protection against vulnerabilities found on Windows and Linux systems
Nvidia, a company specializing in the development of graphic processing units, has included an unusual feature in its new releases: protection against eight vulnerabilities that could be used to deploy some cyberattack variants, as mentioned by network security and ethical hacking experts from the International Institute of Cyber Security.
In a blog post, the company reported on its decision to provide protection against the exploitation of some vulnerabilities, which vary in scope. According to network security experts, these vulnerabilities could allow malicious hackers to enable remote code execution, escalation of privileges, and even generate denial of service (DDoS) conditions. These vulnerabilities are found on Windows, Linux, and Solaris operating systems.
One of the reported vulnerabilities, tracked as CVE-2018-6260, allows attacks similar to the well-known Spectre and Meltdown, mentioned experts in network security; however, this flaw has not been considered critical because it is not exploitable remotely. According to Nvidia, it is necessary to perform some additional actions to completely correct this vulnerability in Windows and Linux operating systems.
All vulnerabilities have already been evaluated according to the Common vulnerability Scoring System; while the vulnerabilities considered minor received scores of 3/10, the most severe ones was scored with 8.8/10. The company mentions that there are no known ways to mitigate risks, so it requires the new Nvidia drivers to correct the errors.
Nvidia emphasizes that it is very important to install these versions, even without all the updates that invite people to update their graphics configurations. These new drivers are available through the Nvidia website.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.