NVIDIA fixes vulnerabilities in GeForce Now

NVIDIA has released an updated safety for her Windows GeForce Now cloud gaming to address a vulnerability that could allow attackers to execute arbitrary code or escalate privileges on systems running vulnerable software.

GeForce Now is a service cloud-based gaming platform that allows users in 80 countries with subscriptions to stream free games or games they own, in real time, from a library of hundreds of titles hosted on NVIDIA's servers.

NVIDIA cloud gaming service can be used by customers with NVIDIA Shield devices, desktops (macOS, Microsoft Windows and ChromeOS) or mobile devices (Android) through special applications.

NVIDIA has now fixed a high-vulnerability (CVE - 2020‑5992) on all versions of Windows GeForce Now to prevent local intruders from gaining privileges or executing code after successful exploitation.

The vulnerability was reported by Qihoo 360 CERT Hou JingYi and was found in the OpenSSL library, one of the GeForce Now open source software kits.

While this flaw requires attackers to have local user access and thus can not be exploited remotely, it can still be abused using malware developed on systems running vulnerable versions of applications, NVIDIA explains in a published security tip. today.

CVE IDs Description Base Score Vector
CVE ‑ 2020‑5992 NVIDIA GeForce NOW application software on Windows contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code or escalation of privileges. 7.3 AV: L / AC: L / PR: L / UI: R / S: U / C: H / I: H / A: H

Attacks that will exploit this are of low complexity and require low privileges that provide basic user capabilities.

Fortunately, any attacks designed to exploit the CVE - 2020‑5992 vulnerability also require user interaction before a successful exploit.

To apply the security update and protect your system, you need to open the Windows GeForce Now application to download it automatically, and then follow the instructions to install it (the application requires administrator privileges to update itself).

If you can not run the application as an administrator, you can update it manually by removing it using these instructions and then install the latest version (ie 2.0.25.119).

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).