Nvidia patches MAJOR VULNERABILITY in their Geforce Experience Software
Nvidia patches MAJOR VULNERABILITY in their Geforce Experience Software
This security flaw was found in “all versions” if the Geforce Experience application before version 3.18, which released earlier this month. Thankfully, this means that users of Nvidia’s Geforce Experience software will be able to protect their systems from this vulnerability by updating their Geforce experience install. This issue is exclusive to Windows-powered systems, which means that Linux users need no worry about this issue.Â
Users of Geforce Experience version 3.18 or newer will offer hardened security that protects users from CVE?2019?5674, the official name of the vulnerability. The Geforce Experience application has an automatic update feature, which means that most users of the software will have their system’s patched shortly.Â
Below is a brief description of the security flaw. Thankfully, this flaw cannot be exploited remotely.Â
Â
  NVIDIA GeForce Experience contains a vulnerability when ShadowPlay, NvContainer, or GameStream is enabled. When opening a file, the software does not check for hard links. This behavior may lead to code execution, denial of service, or escalation of privileges.
While it is startling to discover that Nvidia’s Geforce Experience application has had a significant security flaw since the app’s introduction in 2013, the fact that is hasn’t been fixed before now showcases how little the vulnerability has impacted end-users. It is good to know that Nvidia has addressed the issue directly, though it is concerning that such a flaw was present within the software for soo long. Â
To protect your systems, if you have Geforce Experience installed, please update to the latest version of Nvidia’s Geforce Experience app, which is version 3.18.0.94 at the time of writing.Â
You can join the discussion on Nvidia patching a severe vulnerability within their Geforce Experience Software on the OC3D Forums. Â
Â