Nvidia GeForce has a nasty Security Flaw — What to Do Now

Nvidia GeForce has a nasty Security Flaw — What to Do Now

Windows users of Nvidia's GeForce Now cloud gaming service need to update their desktop software due to a serious security flaw that could allow malware to take over their PCs.

According to a security advisory from Nvidia, GeForce Now client software on Windows needs to be updated to at least version 2.0.25.119; Mac, Chrome OS, Android and Nvidia Shield GeForce Now clients are not affected.

"The NVIDIA GeForce NOW application software on Windows contains a vulnerability in its open source software dependency that makes the OpenSSL library vulnerable to a local user binary planting attack, code execution or privilege escalation," the advisory states.

According to Threatpost, in plain English, this means that an attacker with access to a PC (perhaps a person, or a piece of malware installed by other means) can plant a booby-trapped file that the GeForce Now program can load and execute This means that the GeForce Now program can be loaded and executed. This could result in further malware infections or even give the attacker control of the machine.

You can update GeForce Now to version 2.0.25.119 simply by launching the application. The new version should download automatically and then install as prompted. If that does not work, Nvidia has a help page that recommends different measures to take.

GeForce Now is a freemium subscription service that allows gamers to play games on Nvidia's own servers and access them remotely from client machines. This differs from GeForce Experience software, which is used to manage configuration and driver updates for Nvidia graphics cards.

Games are purchased from Steam or other digital distributors; a monthly payment of $5 is required for any gaming session longer than one hour.

Categories