Skip to main content

Update Windows Display Drivers Soon For Security Fix

By October 13, 2020May 5th, 2022Technology News

If you’ve got an NVIDIA graphics card in your PC, and odds are pretty good that you do, be aware that the company recently released a security update.

It patches a number of high severity vulnerabilities in the Windows GPU display driver that could allow a hacker to gain complete control over your system via escalation of privileges.

If there’s a silver lining to be found in the announcement, it lies in the fact that all of the security flaws NVIDIA addressed require local access to exploit. So a hacker would first have to establish a beachhead on your system before exploiting the flaws. Even so, for a determined hacker, that’s not much of an impediment, so patching the system should be considered a priority.

Here’s a quick overview of the issues the latest patch addresses:

  • CVE-2020-5979 – This is a flaw in the Control Panel component where the user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.
  • CVE-2020-5980 – This issue arises from the fact that there are multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service.
  • CVE-2020-5981 – The Windows GPU Display Driver contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service.
  • CVE-2020-5982 – which is an issue in the Windows GPU Display Driver’s kernel mode layer (nvlddmkm.sys) scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to denial of service.

The first three are all scored 7.8 out of 10 in terms of severity, while the last one is scored 4.4 because it’s somewhat harder for a hacker to exploit. In any case, these are all serious issues that put your system at risk, so be sure your team knows to make installing the latest patch from NVIDIA a priority. It’s always better to be safe than sorry.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.