Graphics drivers often get flak for compatibility issues and overzealous optimizations, but we rarely hear about security holes. There are exceptions for everything, though. Threatpost reports that a freshly discovered vulnerability in Nvidia's Display Driver Service "could hand over administrator privileges on Windows machines to an attacker."
UK security researcher Peter Winter-Smith posted the exploit to Pastebin earlier this week. He wrote up the following explanation, as well:
Here is an interesting exploit for a stack buffer overflow in the NVidia Display Driver Service. The service listens on a named pipe (\pipe\nsvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability. . . . The buffer overflow occurs as a result of a bad memmove operation.
(Curious-minded readers can check the Pastebin posting for more details.)
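What the NULL DACL in the quoted explanation looks like in a security descriptor, as an added example (not code from the article or from the researcher's posting): a Python classifier for a self-relative Windows security descriptor that tells a NULL DACL, which grants everyone full access, apart from an empty or populated one. The function names and the sample descriptors are constructed for illustration; on a real host the bytes would come from querying the pipe's security descriptor.

```python
import struct

SE_DACL_PRESENT = 0x0004   # Control flag: a DACL field is present
SE_SELF_RELATIVE = 0x8000  # Control flag: header holds offsets, not pointers

def classify_dacl(sd: bytes) -> str:
    """Return "null" (no access check, everyone gets full access),
    "empty" (zero ACEs, nobody gets access) or "restricted" (has ACEs)."""
    if len(sd) < 20:
        raise ValueError("truncated security descriptor header")
    # Header: Revision, Sbz1, Control, then owner/group/SACL/DACL offsets
    revision, _, control, _, _, _, dacl_off = struct.unpack_from("<BBHIIII", sd)
    if revision != 1 or not control & SE_SELF_RELATIVE:
        raise ValueError("not a revision-1 self-relative descriptor")
    # Flag clear, or flag set with no ACL behind it: full access to everyone.
    if not control & SE_DACL_PRESENT or dacl_off == 0:
        return "null"
    if dacl_off + 8 > len(sd):
        raise ValueError("DACL offset points outside the descriptor")
    # ACL header: AclRevision, Sbz1, AclSize, AceCount, Sbz2
    _, _, acl_size, ace_count, _ = struct.unpack_from("<BBHHH", sd, dacl_off)
    if acl_size < 8 or dacl_off + acl_size > len(sd):
        raise ValueError("ACL size is inconsistent with the descriptor")
    return "empty" if ace_count == 0 else "restricted"

def build_sd(control: int, dacl: bytes = b"") -> bytes:
    """Build a constructed descriptor (no owner/group/SACL) for the samples."""
    offset = 20 if dacl else 0
    return struct.pack("<BBHIIII", 1, 0, control | SE_SELF_RELATIVE,
                       0, 0, 0, offset) + dacl

# Constructed sample data: one allow ACE (read mask) for S-1-5-11.
SID = struct.pack("<BB6sI", 1, 1, b"\x00\x00\x00\x00\x00\x05", 11)
ACE = struct.pack("<BBHI", 0, 0, 8 + len(SID), 0x00120089) + SID
SAMPLES = {
    "null DACL": build_sd(SE_DACL_PRESENT),
    "empty DACL": build_sd(SE_DACL_PRESENT, struct.pack("<BBHHH", 2, 0, 8, 0, 0)),
    "one allow ACE": build_sd(SE_DACL_PRESENT,
                              struct.pack("<BBHHH", 2, 0, 8 + len(ACE), 1, 0) + ACE),
}

def audit(samples: dict) -> dict:
    """Map each sample name to its DACL classification."""
    return {name: classify_dacl(sd) for name, sd in samples.items()}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLES).items():
        print(f"{name:15} -> {verdict}")
```

A "null" verdict on a service's pipe is the condition the quote describes; "empty" is the opposite extreme and locks every caller out.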
Apparently, Winter-Smith didn't tip Nvidia off before sharing the exploit publicly. That's because, he says, "The risk from this particular flaw being exploited was (is) sufficiently low that I didn't think it would warrant the wait." Quoting the researcher, Threatpost explains that the exploit mainly affects "domain-based machine[s]" with "relaxed firewall rules" and file sharing enabled.
Well, at least that part is reassuring, I guess. Here's hoping Nvidia addresses the problem soon. In the meantime, keep your firewalls up!