PC Gamer

(Image credit: Nvidia)

In case you haven't updated to Nvidia's latest GeForce Experience version, now is the time to do so. If you're still on anything older than version 3.27.0.112, your PC could be wide open to certain cybersecurity risks, with the potential for hackers to gain access to your PC via your outdated GeForce Experience software.

The vulnerabilities, as described by the Nvidia development team in a security bulletin (via Hardware Info), include "code execution, information disclosure, data tampering, and denial of service."

Discovered by Minse Kim of Korea University's DNSLab, there are three main attack methods that older GeForce Experience versions leaves users open to. The one that scores highest on the vulnerability scale would involve the user initialising the GeForce Experience install from a compromised directory. Looks like they had to have accidentally deleted something from the install folder first, though. So although it's probably a rare occurrence, it can lead to some serious data tampering.

The second vulnerability would see the hackers using the installer to do their nefarious bidding.

"GeForce Experience contains an uncontrolled search path vulnerability in all its client installers," the bulletin says. In order to exploit this, the hackers would need to have already gained user level privileges, allowing them to use the installer to load an arbitrary DLL. That would allow them to escalate their privileges and execute whatever code they fancied on your PC.

Your next upgrade

Best CPU for gaming: The top chips from Intel and AMD
Best gaming motherboard: The right boards
Best graphics card: Your perfect pixel-pusher awaits
Best SSD for gaming: Get into the game ahead of the rest

Last but not least, the "NVContainer component" vulnerability would allow a hacker with user level privileges to create a "symbolic link" to a file that needs admin privileges, and sneakily give them an escalation of privilege, opening a window for "denial of service, or limited data tampering." That means removing your access and messing with your machine while you're left to figure out what the heck is going on.

For a software tasked with keeping your graphics card working—i.e. one of the most important softwares on your gaming PC—you'd think we wouldn't have to deal with this. But as many of us will know, software development is never as straightforward as we'd like it to be.

Hackers are constantly evolving, so make sure to keep your software up to date.

Screw sports, Katie would rather watch Intel, AMD and Nvidia go at it. Having been obsessed with computers and graphics for three long decades, she took Game Art and Design up to Masters level at uni, and has been rambling about games, tech and science—rather sarcastically—for four years since. She can be found admiring technological advancements, scrambling for scintillating Raspberry Pi projects, preaching cybersecurity awareness, sighing over semiconductors, and gawping at the latest GPU upgrades. Right now she's waiting patiently for her chance to upload her consciousness into the cloud.

Latest

The First Descendant executes total U-turn on the promise of endless loot caves, blames 'mistranslation' and weirdly insists 'there have been no reversals'

See more latest ►

See comments

The biggest gaming news, reviews and hardware deals

Most Popular