A security vulnerability has been discovered recently in the NVIDIA display driver nvvsvc.exe belonging to the NVIDIA Driver Helper Service which is installed during the GeForce graphics driver installation. Attackers may exploit the vulnerability to increase rights on the system to access sensitive data and systems. Access to a system account seems necessary to exploit the vulnerability, possible vectors include phishing attacks to gain access to low-level system accounts to run the exploit on.
It has been a serious risk for enterprises and organizations who use affected drivers on their systems. One option to mitigate the security vulnerability was to disable the service that started the nvvsvc.exe process on the system.
NVIDIA has released an update to its GeForce driver yesterday that resolves the security vulnerability in the driver and brings the version of the driver to 310.90. It is a WHQL - Windows Hardware Quality Labs - release which means it has been run through a series of tests and that Microsoft has reviewed the log files of the tests and created a digitally signed certification that is included in the driver installation package.
The GeForce 310.90 drivers are said to improve the performance for games and applications. Black Ops 2 and Assassin's Creed III players may notice performance boosts up to 26% or 18% and improved antialising effects. Additional performance improvements for GeForce GTX 690 and 680 video cards are listed in the official release notes. The notes are posted on the same page the updated driver can be downloaded from.
It is highly recommended to select custom installation to avoid the installation of drivers and software that you do not make use of on your PC. Check out this overview of NVIDIA driver components to find out which drivers you need to install and which you may not need at all.
There you also find a solution to block the two processes nvvsvc.exe and nvxdsync.exe from running all the time on the system. You may have noticed that one of them is the process that has been vulnerable to the exploit.
It is highly recommended to install the NVIDIA GeForce driver update as quickly as possible on vulnerable systems to protect them from attacks and the exploit.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.