If you have an Nvidia graphics card (opens in new tab) in your PC — as we do — it's time to update the driver and the GeForce Experience (GFE) GPU-management application.
No less than 12 different security vulnerabilities exist in older versions of the driver and the GFE software, says Nvidia in two (opens in new tab) advisories (opens in new tab) posted yesterday (Nov. 6). Attackers could use the flaws to steal information, run malicious code, take over the system or stop GPUs from functioning properly.
The saving grace is that most of the attacks would require "local system access," i.e. access to the machine itself or perhaps to a locally networked one.
To make sure your Nvidia GeForce GPU driver is up to date, go to the Nvidia driver download (opens in new tab) page and either plug in your graphics card's specs or have the page detect the graphics card. You'll be taken to the appropriate page, from which you can download the updated driver, which should have version number 441.12 or later.
To update your GeForce Experience software, go to the GeForce download (opens in new tab) page and download the patch. It should update your GFE software to version 3.20.1 or later.
Driver patches for Nvidia's professional (Quadro), enterprise (NVS and vGPU) and supercomputer (Tesla) graphics cards and virtualization software aren't all quite ready yet, but should be available the week of Nov. 18.