NVIDIA updates GeForce Experience to remove security flaw

NVIDIA’s GeForce Experience has received an update that resolves a security flaw, that left users vulnerable against attacks, potentially exposing their data to hackers.

GeForce Experience

THE THREAT

According to Rhino Security Lab’s blog post, the app was letting remote access to users data, making them vulnerable to threats.

This vulnerability allowed any system file to be overwritten due to insecure permissions set on log files which GeForce Experience writes data to as the SYSTEM user. Additionally, one log file contained data that could be user-controlled, allowing commands to be injected into it and then written to as a batch files leading to code execution on other users and potential privilege escalation

Rhino Security Lab

They also said that the users could be affected by total denial of service or full privilege escalation, giving attackers full control over their target’s data. This is a big issue as all computers with NVIDIA graphics are preloaded with this app.

NVIDIA’s ANSWER

NVIDIA, in its defense, said that the security flaw is affecting users with ShadowPlay, NVcontainer, or GameStream enabled, not to mention all the three could be on by default.

It is highly recommended to update to the latest version of NVIDIA GeForce Experience as soon as possible. You can do this by launching the GeForce Experience app and auto-updating to version 3.18.

Read more:

Leave a Reply

Latest posts

Xiaomi 11i Review: HyperCharge For The Masses

It's a new year, and Xiaomi is back with another smartphone series - the Xiaomi 11i. The first smartphone series of 2022 from the...

Asus Zenbook 13 OLED Review – Beauty and Brawn Put Together

Finding a sleek and stylish Windows machine is not that hard these days, but those sleek and stylish machine comes with their own deprivations,...

Loading Next Article