NVIDIA releases security update for out-of-support graphics cards
NVIDIA released a display driver security update for some of its graphics cards that it no longer supports with regular driver updates. The security update addresses major security issues in the NVIDIA GPU driver for these cards.
Note that updates are also available for NVIDIA products that are still in support. These may also be downloaded from NVIDIA's website to address the security issues. Unlike the released drivers for the out-of-support products, these may also include non-security improvements, such as support for new games.
The new display driver, version 474.14, was released on December 20, 2022. It is the fifth security-only driver update for out-of-support graphics cards. The previous four security updates for the drivers were all released in 2022 by NVIDIA.
The security update has been released for Kepler GPUs and the driver is available for the Microsoft Windows operating systems Windows 7, Windows 8.1, Windows 10 and 11. Support for Kepler-based GPUs of the GeForce GTX 600 and GTX 700 series ended in 2021 officially. Supported ended for Geforce GT 600 and GT 700, and GTX Titan products as well at the same time.
End of support means that NVIDIA won't release updated Game Ready drivers for these products anymore, but that it will release security updates for the products until September 2024.
The official security bulletin provides details on the security issues that NVIDIA addressed in the security update. The driver addresses the following security issues:
CVE?2022?42266, CVE?2022?42267, CVE?2022?34669, CVE?2022?34671, CVE?2022?34672, CVE?2022?34678, CVE?2022?34681, CVE?2022?34683
Successful exploits of the security issues may lead to "code execution, denial of service, escalation of privileges, information disclosure, or data tampering" according to NVIDIA. Details are provided on the linked Security Bulletin website.
The latest driver may be downloaded from NVIDIA's official download website. Note that the driver in question includes only security updates, not game-related updates or updates related to the functionality of the driver.
Now You: do you update video card drivers regularly?
What’s this, a useful article from someone who retains their sanity? How can it be? /s
Thanks for the news, quality news, unlike Shaun’s crap.
So long as you continue to provide worthwhile articles, I’ll stay.
Do not forget to use https://www.techpowerup.com/nvcleanstall/
I rarely update drivers as I tend to operate by the principle “If it ain’t broke…”. But my curiosity got the better of me recently after reading Ashwin’s article Dec. 3 where I updated drivers for a NVidia GT710 that was still on version 431.60 (after taking a Macrium image to fall back on).
The driver update messed up the resolution of the dual monitor setup and changed which one is the main display. Those issues were easily fixed, but what was more concerning was the amount of drive space used on the system increased by over 2 GB even though I never install the GeForce Experience software. Why over 2 GB just for drivers? Seems very bloated. So I restored the Macrium image and went back to “If it ain’t broke…”.
My systems are very locked down with numerous security layers (defense in depth) and have never had a single instance of malware in using older drivers or even older applications or operating systems, so I’m not concerned with staying on older drivers. But also because a lot of these vulnerabilities require local access to the computer in order to exploit. Which as one of the immutable laws of computer security says, if a bad actor has access to your computer it’s not your computer anymore.
Thanks, Martin, I did not suspect a new graphic driver update so soon after the Nvidia update for the older out-of-support Nvidia graphics cards (like – GeForce GT 630 Driver) update v.474.04 (DCH) [’22-12-01].
And also thanks to the link to the security bulletin.