Gigabyte GeForce GTX 650 Ti Boost OC WindForce 2X review
MSI Radeon HD 7790 TurboDuo OC review
Metro Last Light VGA Graphics Benchmark performance test
Noctua NH-U12S and NH-U14S review
ASUS GeForce GTX 670 DirectCU Mini review
OCZ Vertex 3.20 SSD review
Gigabyte Radeon HD 7790 2GB OC review
Cooler Master Eisberg 240L Prestige review
Guru3D and OCZ Contest - PC Power 1200W PSU Giveaway
MSI GeForce GTX 650 Ti BOOST OC review
Vulnerability detected in NVIDIA display driver service
Posted by Hilbert Hagedoorn on: 12/27/2012 07:37 AM | 3 comment(s) ]
A hacker called Peter Winter-Smith discovered a security hole in NVIDIA's display driver service that allows local and remote users (Windows firewall/file sharing permitting) to gain administrator privileges in Windows via a stack buffer overflow.
Mr. Winter-Smith posted a description and details of the exploit, in which he describes the NVIDIA Display Device server (NVVSVC) as listening on a pipe (a means by which different processes talk to each other) "pipensvr," which has an null/empty discretionary access control list (DACL, a security whitelist for users/groups), letting ordinary logged in local and remote users (firewall permitting, and the remote admin has a local account) to gain administrator rights to the system.
Vulnerability detected in NVIDIA display driver service
Samsung smartphones and tablets vulnerable to kernel attack - 12/18/2012 09:18 AM
ZD Net reports a wide range of Samsung smartphones and tablets with the company's Exynos 4412 and 4210 ARM-based processors are vulnerable to an attack that enables hackers to obtain root access on a...
Steam Security Vulnerability Found when Using Certain Browsers - 10/18/2012 05:45 AM
Steam Security Vulnerability Found when Using Certain Browsers. Some browsers will execute the steam:// protocol without so much as a single prompt to the user
Wi-Fi Protected Setup PIN Brute Force Vulnerability - 12/30/2011 12:38 PM
A researcher has discovered a security hole in WPS technology that affects millions of Wi-Fi routers around the world. A few weeks ago I decided to take a look at the Wi-Fi Protected Setup (WPS) techn...
ASUS's Wireless-N Gigabit Router RT-N56U is vulnerable - 08/30/2011 01:02 PM
If you purchased one, be on alert and upgrade to the latest firmware. ASUS's Wireless-N Gigabit Router RT-N56U contains a vulnerability which may allow a remote unauthenticated attacker to recover th...
Microsoft to plug 11 vulnerabilities on Patch Tuesday - 04/10/2010 11:24 AM
Microsoft announced this month's Patch Tuesday will feature 11 security bulletins addressing 25 vulnerabilities in Windows and Office. For Windows there are five critical updates, three important upda...
lucidus
Ancient Guru
Posts: 3179
Joined: 2011-12-31
Ancient Guru
Posts: 3179
Joined: 2011-12-31
#4488901 Posted on: 12/28/2012 07:06 PM
From what I understand only Enterprises are vulnerable provided the firewall rules are relaxed. Meh.
From what I understand only Enterprises are vulnerable provided the firewall rules are relaxed. Meh.
Noisiv
Maha Guru
Posts: 2675
Joined: 2010-11-16
Maha Guru
Posts: 2675
Joined: 2010-11-16
#4488962 Posted on: 12/28/2012 08:38 PM
How about Pro with UAC, software and hardware firewall, and Secondary Logon Service disabled
What pisses me off is that multi-billion $ company does not have a single person dedicated for informing the public in a fast and accurate manner.
But if I was guessing, I'd say that NVIDIA is publicly ignoring this due to a manner that the exploit has been disclosed.
Winter-Smith said he wanted to share the exploit in a timely fashion, rather than report it.
I am definitely not averse to responsible disclosure and typically do follow a responsible disclosure process, however the risk from this particular flaw being exploited was (is) sufficiently low that I didn't think it would warrant the wait, he said.
How about Pro with UAC, software and hardware firewall, and Secondary Logon Service disabled
What pisses me off is that multi-billion $ company does not have a single person dedicated for informing the public in a fast and accurate manner.
But if I was guessing, I'd say that NVIDIA is publicly ignoring this due to a manner that the exploit has been disclosed.
Winter-Smith said he wanted to share the exploit in a timely fashion, rather than report it.
I am definitely not averse to responsible disclosure and typically do follow a responsible disclosure process, however the risk from this particular flaw being exploited was (is) sufficiently low that I didn't think it would warrant the wait, he said.
Click here to post a comment for this news story on the message forum.
Master Guru
Posts: 249
Joined: 2010-11-28
Surprised no one is really saying much about this. A few replies over at the nvidia forum: https://forums.geforce.com/default/topic/526419/geforce-drivers/security-exploit-found-nvidia-drivers/
Threat Post: http://threatpost.com/en_us/blogs/nvidia-display-driver-service-attack-escalates-privileges-windows-machines-122712
I want to say from the little bit I've read the average user wouldn't have much to worry about as long as they have a firewall up.