Nvidia GeForce 310.90 driver update fixes security vulnerability
A security vulnerability has been discovered recently in the NVIDIA display driver nvvsvc.exe belonging to the NVIDIA Driver Helper Service which is installed during the GeForce graphics driver installation. Attackers may exploit the vulnerability to increase rights on the system to access sensitive data and systems. Access to a system account seems necessary to exploit the vulnerability, possible vectors include phishing attacks to gain access to low-level system accounts to run the exploit on.
It has been a serious risk for enterprises and organizations who use affected drivers on their systems. One option to mitigate the security vulnerability was to disable the service that started the nvvsvc.exe process on the system.
NVIDIA has released an update to its GeForce driver yesterday that resolves the security vulnerability in the driver and brings the version of the driver to 310.90. It is a WHQL - Windows Hardware Quality Labs - release which means it has been run through a series of tests and that Microsoft has reviewed the log files of the tests and created a digitally signed certification that is included in the driver installation package.
The GeForce 310.90 drivers are said to improve the performance for games and applications. Black Ops 2 and Assassin's Creed III players may notice performance boosts up to 26% or 18% and improved antialising effects. Additional performance improvements for GeForce GTX 690 and 680 video cards are listed in the official release notes. The notes are posted on the same page the updated driver can be downloaded from.
It is highly recommended to select custom installation to avoid the installation of drivers and software that you do not make use of on your PC. Check out this overview of NVIDIA driver components to find out which drivers you need to install and which you may not need at all.
There you also find a solution to block the two processes nvvsvc.exe and nvxdsync.exe from running all the time on the system. You may have noticed that one of them is the process that has been vulnerable to the exploit.
It is highly recommended to install the NVIDIA GeForce driver update as quickly as possible on vulnerable systems to protect them from attacks and the exploit.
Advertisement
For anyone who’s interested, here’s the latest from Nvidia on GeForce 6-series and GeForce 7-series GPUs:
“We will be releasing an updated driver in the next week or two that is based on an earlier driver branch for Geforce 6/7 series customers, which will include the security fix. “
“Try going through the main page and selecting your particular card”
No, it only lists 306.97 drivers. And looking at the release notes it says the following:
“GeForce 6-series and GeForce 7-series GPUs have moved to legacy support with the GeForce Release 304 drivers. These products are no longer supported beginning with the GeForce Release 310 drivers.”
So, as this is a security vulnerability, Nvidia should really issue a patch for the 306.97 driver, so that people who can’t install the 310.90 driver are not vulnerable to this security flaw in their software.
So if I follow the tip to stop the service, do I need to upgrade? Every time I update the video driver, I have a lot of system trouble. Every time. I’ll go with another video card maker next time.
i update to 310.90 and restart pc and no login in windows 8.
sistem restore to 306.97
Try going through the main page and selecting your particular card. Mine is a GTX 260 which isn’t supported to the sub-flavor linked to here. By going through the selection process, I was able to find one that supports my card.
So what happens if you have a GeForce 7 Series graphics card, which isn’t on the list of supported products for 310.90? Are they just going to ignore the security vulnerability?
Rick
The ID is there as the hardware is installed by the OEM. The problem that those updates are not approved by the OEM and you could lose your warranty/support.
Ahh but you can update … you just have to add your hardware ID to the inf file.
…that you can’t update drivers…
There is a problem that you update drivers on OEM laptops other than those updated by the manufacturers. You have to wait long for those updates.
Updated with no problems.
Thanks Martin.