Nvidia fixes Display Driver security gap allowing attackers to gain system admin access

Graphics card producer Nvidia released an update for Nvidia Display Driver on Saturday correcting a recently discovered security vulnerability that allowed hackers to obtain "super-user" access to any system running the software, reports SecurityWeek.

The security update has passed Microsoft's hardware testing service for WHQL certification, making it an official driver version. All users running Nvidia GeForce graphics cards should download the new version immediately.

"The vulnerability allows a remote attacker with a valid domain account to gain super-user access to any desktop or laptop running the vulnerable service," CSO of security management and testing software company Rapid7 HD Moore told SecurityWeek.

"This flaw also allows an attacker (or rogue user) with a low-privileged account to gain super-access to their own system, but the real risk to enterprises is the remote vector," he added.

The driver update, version 310.90, also brings a number of other bug fixes and performance upgrades for games running on the GeForce 400/500/600 series GPUs, including Call of Duty: Black Ops 2 and Assassin's Creed 3.

The full list of notes for version 310.90 can be found on Nvidia's website.

More from Polygon

A guided video tour of an Unreal Tournament map

  • Freedom Planet gameplay video

  • Adventure Time trailer

  • Hearthstone: Naxxramas Overview

  • Oddworld: New 'N' Tasty - Overview video

Latest Discussions

Log In Sign Up

Log In Sign Up

Forgot password?

We'll email you a reset link.

If you signed up using a 3rd party account like Facebook or Twitter, please login with it instead.

Forgot password?

Try another email?

Almost done,

By becoming a registered user, you are also agreeing to our Terms and confirming that you have read our Privacy Policy.



Choose an available username to complete sign up.

In order to provide our users with a better overall experience, we ask for more information from Facebook when using it to login so that we can learn more about our audience and provide you with the best possible experience. We do not store specific user data and the sharing of it is not required to login with Facebook.