Nvidia releases emergency security update for GeForce Experience
Nvidia has released an emergency security update for the GeForce Experience software to all users. The update aims to fix high-risk security vulnerabilities in GeForce Experience components. GeForce Experience is an auxiliary application of the Nvidia graphics card. It can help users automatically update drivers, optimize the game experience, and provide sharing screenshots with friends. The Nvidia graphics driver installation package installs GeForce Experience components by default, so a considerable number of users worldwide will be affected by the vulnerability.
The GeForce Experience component attached to the Nvidia graphics driver has a DoS attack vulnerability in recent versions, but in most cases the impact of such a vulnerability is low. The reason for the lower impact is mainly that the vulnerability is more difficult to trigger and cannot be triggered remotely. However, the difficulty of vulnerability is very low. This means that hackers can trigger vulnerabilities in a simpler and easier way, and the entire exploit process does not require user interaction so users will not discover them.
It is worth noting that this vulnerability still does not support remote triggering, so if a hacker wants to use it, he needs to install other malicious software in advance and reuse it. At the same time, the vulnerability can also be used to elevate permissions. For example, if a user logs in with administrator permissions, a hacker can also gain administrator permissions to perform more malicious operations.
Currently, NVIDIA has released a new version to fix the above vulnerabilities, and all users need to do is download the latest version to install to ensure that the vulnerability can be fixed. If you need to update GeForce Experience v3.20.2 and later, users can directly open the GeForce Experience component, which will automatically check the latest version and perform download and installation operations. At the same time, users can also click here to manually download the latest version of the installation package to perform the upgrade operation. No need to restart after the upgrade, just make sure that it is the latest version.