Skip to main content

Apply Security Update To Protect Against Nvidia Vulnerability

By January 3, 2020May 9th, 2022Cybersecurity

Have you downloaded the NVIDIA GeForce Experience (GFE) app?

It’s a helper app designed to work in tandem with GeForce GTX graphics cards. It is designed to automate the process of keeping your drivers up to date and automatically optimize your game settings.

If it’s something you rely on, you should be aware that NVIDIA recently discovered a serious security flaw that will require patching in order for you to protect yourself. Tracked as CVE-2019-5702, the flaw allows an attacker to corrupt a system file. In doing so, it allows a potential attacker to escalate privileges to take total control over it, or to trigger a denial of service attack.

If there’s a silver lining in the recent discovery, it lies in the fact that in order to exploit the flaw, physical access to your device is required. Given that, it’s not as serious a threat as some other recent vulnerabilities. It still represents a genuine threat. That is because the attacks designed to be used in conjunction with this vulnerability are of relatively low complexity and require no user interaction.

The flaw impacts any Windows-based PC running NVIDIA GeForce Experience version prior to 3.20.2. If you’re using the app, there are two ways to get the update. You can launch the GFE client, which will automatically search for updates and download the latest version. Or you can visit NVIDIA’s GeForce Experience Download page and manually download and install the latest version.

Again, while the flaw isn’t the most dangerous one we’ve seen in recent months, it’s better to be safe than sorry. So if it’s something you rely on to make your gaming experience more convenient and automate the driver update process, the safe bet is to upgrade your way around the flaw. Kudos to NVIDIA for their rapid resolution of the issue.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.