Thursday, December 15th 2016

NVIDIA's GeForce 376.33 WHQL Drivers Fix Multiple Kernel Faults; Update ASAP

If you're one of those people who doesn't regularly update their graphics card drivers, and you're rocking an NVIDIA graphics card, you really should update your drivers to the latest WHQL version, 376.33. The release notes and a security bulletin issued by the company point towards the fixing of multiple detected kernel layer (nvlddmkm.sys) vulnerabilities in NVIDIA's previous driver releases, which could "Lead to a Denial of Service, Escalation of Privileges, or Both".

In total, there are seven reported vulnerabilities as having been fixed, with NVIDIA acknowledging contributions in the issues' detection from engineers with Google Project Zero and Cisco Talos.
Source: NVIDIA Security Bulletin
Add your own comment

32 Comments on NVIDIA's GeForce 376.33 WHQL Drivers Fix Multiple Kernel Faults; Update ASAP

#1
qubit
Overclocked quantum bit
Great, now we have security headaches to add to stability issues.
Posted on Reply
#2
robert3892
This new driver however doesn't fix the folding @ home problems yet.
Posted on Reply
#3
birdie
None of these vulnerabilities is remotely exploitable so there's no need to cry foul.

And 99% of home users are administrators so there are even fewer reasons to worry. Worry about having your system up to date (specially your web browser, Adobe Flash and JavaSE) and running an effective AV program (MS Security Essentials is not one of them) - my favorites are Kaspersky, F-Secure and BitDefender.

And if you're really paranoid/obsessed with security you should not be running Windows (specially 10) in the first place. Run Linux or better yet FreeBSD - almost zero hackers target it.
Posted on Reply
#4
W1zzard
birdie
None of these vulnerabilities is remotely exploitable so there's no need to cry foul.
Why not? Sending extescapes is easy, GPU-Z does it all the time. Crashing the system is easy. Crafting the right payload for privilege escalation isn't trivial but I see no obstacles

Edit: I misread "remotely" as "low chance" and not as "over the internet". My bad, sorry.
Posted on Reply
#5
Solidstate89
qubit
Great, now we have security headaches to add to stability issues.
GPU drivers run in Ring 0 alongside the kernel. Security issues were always part and parcel with them. Whether you choose to acknowledge or ignore it is up to you, but nothing has changed over the last decade.

WDDM (especially WDDM 2.0) has done a good job of hardening GPU drivers against attack, but if it runs on your computer, it can be used as an attack surface. This is especially true for anything that runs at the kernel level.
Posted on Reply
#6
bug
qubit
Great, now we have security headaches to add to stability issues.
Now? We've had these headaches since the drivers ran at kernel level.
Posted on Reply
#7
qubit
Overclocked quantum bit
bug
Now? We've had these headaches since the drivers ran at kernel level.
I don't remember seeing advisories for this before.
Posted on Reply
#8
bug
qubit
I don't remember seeing advisories for this before.
So what, you worry about a problem only when you hear about it? If it's in the kernel, it's an attack vector.
Posted on Reply
#9
qubit
Overclocked quantum bit
bug
So what, you worry about a problem only when you hear about it? If it's in the kernel, it's an attack vector.
What the hell is your problem? :rolleyes:
Posted on Reply
#10
pat-roner
Better update to this, so that I can update to the hotfix next week and have that break my card. Damn I hate nvidia drivers....
Posted on Reply
#11
bug
qubit
What the hell is your problem? :rolleyes:
You said
Great, now we have security headaches to add to stability issues.
I'm saying any driver is a security headache. That's part of the reason Microsoft came up with WHQL.
This is not a new problem by any account.

So my question is: did you only start to worry about driver security now that you've read about this instance?
Posted on Reply
#12
PinkMachine
This is the kind of update I am willing to download without any whining. There's no fiddling with security fellas.

On the other hand I do not give a darn about 450MB update, released once a week, which removes SLI possbility in Titanfall 2 due to some stability issues that do not affect me by any means and never will.

#NeverEndingStory.
Posted on Reply
#13
xkm1948
nvidia driver seems to be nothing but headache these days.
Posted on Reply
#14
the54thvoid
xkm1948
nvidia driver seems to be nothing but headache these days.
Both teams. How many Crimson hot fixes in past 6 months? The good thing is - Nvidia have acted upon it and released info on it. Just as AMD release the hotfixes (as do NV). If you want bad reaction - look at how Apple doesn't tend to openly acknowledge any issue, just pretends it wasn't there in the first place and quietly fixes it. It's ALL about perceptions of software stability. In reality - they're all hackable.
Posted on Reply
#15
bug
xkm1948
nvidia driver seems to be nothing but headache these days.
Don't worry about it, a similar update is likely incoming from AMD. The guys who find these don't disclose vulnerabilities for 90 days, since they're 0-days.
Just be happy someone has our back and reports these ;)
Posted on Reply
#16
RejZoR
Well, when you move from just displaying fancy graphics to general purpose computing, things like this are to be expected...
Posted on Reply
#17
birdie
xkm1948
nvidia driver seems to be nothing but headache these days.
On my Windows 7 I've had exactly zero problems with NVIDIA drivers over the past six to seven years.

Of course, if you OC like crazy, run all sorts of shady applications, believe that SLI is a relatively cheap solution for increasing your games' performance, or use alpha quality OS'es like Windows 10 then you must suffer and it's not NVIDIA's fault.

RejZoR
Well, when you move from just displaying fancy graphics to general purpose computing, things like this are to be expected...
If games had been "general purpose computing" then your post would have made sense. Alas, games are nothing like that. NVIDIA/AMD/Intel drivers have hugely complex compilers/optimizers to run game code - there's nothing like that for the general x86-64 architecture. In fact you run your OS without any CPU driver at all - almost all the optimizations are inside the CPU.

Vulkan and D3D12 were created to make GPUs truly computational devices but it seems like there's still an abstraction layer to run and render your game in your OS and this layer is not exactly foolproof.
Posted on Reply
#18
BiggieShady
birdie
NVIDIA/AMD/Intel drivers have hugely complex compilers/optimizers to run game code - there's nothing like that for the general x86-64 architecture.
Nope, both drivers and your general purpose apps are built using same hugely complex compilers and same optimizations
birdie
In fact you run your OS without any CPU driver at all - almost all the optimizations are inside the CPU.
You have to see your motherboard with its chipset as your platform and it does have chipset drivers including a cpu driver, you see, because driver is such an encompassing word for a piece of software even if we'd say "conventional driver" it still means nothing. Bunch of drivers for known hardware are bundled with OS and active without you actually installing them.
The point is, since 6 years ago, half of the chipset is integrated into a CPU and cpu driver is a thing - it is intelppm.sys and it's bundled with chipset drivers and does very little thanks to bios flashing and microcode updates. It's being executed on a cpu core though as also is a gfx driver. Gfx driver additionally includes the code being executed on the gpu (if you use shaders from the nv control panel like fxaa and hbao)
birdie
Vulkan and D3D12 were created to make GPUs truly computational devices
Nope, been truly computational since nvidia's G80 architecture in 2006
birdie
seems like there's still an abstraction layer to run and render your game in your OS and this layer is not exactly foolproof.
Thin API doesn't mean it removes API layer completely, just makes it thinner and the whole thing becomes less foolproof. DX12 does have managed mode where you work similarly as with DX11.
Posted on Reply
#19
dorsetknob
"YOUR RMA REQUEST IS CON-REFUSED"
bug
So what, you worry about a problem only when you hear about it? If it's in the kernel, it's an attack vector.
UNTIL YOU HEAR ABOUT IT ITS NOT A PROBLEM but when you do hear about it Then its a problem ( and you can then Righteously Worry)

bug
I'm saying any driver is a security headache. That's part of the reason Microsoft came up with WHQL.
Raevenlord
vulnerabilities in NVIDIA's previous driver releases, which could "Lead to a Denial of Service
And these were WHOL Certified. Fat Good it seems they were then.
Posted on Reply
#20
LightningJR
birdie
specially
birdie
specially
*especially, fyi

im not usually the spelling police but it bothered me since you were flawless otherwise, even on your latest post. :p


sorry, please continue the proper discussion. :P
Posted on Reply
#21
BiggieShady
LightningJR
*especially, fyi
It can mean the same or not depending on the context :laugh:
Specially means "particularly, in a distinguishing manner, or for a particular purpose."
Especially means "exceptionally, in a noteworthy manner, or particularly."
So if it's "for a particular purpose" then it can be only specially, otherwise it can be both.
Especially is more commonly used though.
Posted on Reply
#22
LightningJR
BiggieShady
It can mean the same or not depending on the context :laugh:
Specially means "particularly, in a distinguishing manner, or for a particular purpose."
Especially means "exceptionally, in a noteworthy manner, or particularly."
So if it's "for a particular purpose" then it can be only specially, otherwise it can be both.
Especially is more commonly used though.
hmm well maybe I am incorrect and his grammar is superior.
Posted on Reply
#23
Fluffmeister
Vulnerabilities highlighted, fixes issued.

Drama ensues.
Posted on Reply
#24
bug
dorsetknob
And these were WHOL Certified. Fat Good it seems they were then.
The goes like this: Windows got a telemetry system and that told Microsoft most of the BSOD were cause by poor drivers. Thus WHQL was born. It wasn't meant to make drivers uncrackable, but to ensure drivers don't do outright stupid things. Judging by the number of BSODs I've seen in the past years WHQL did its job rather well.
And to reiterate my point, kernel drivers could always mess up a system and were always a vector of attack. Seeing someone reporting a vulnerability is nothing out of the ordinary. Unless the driver starts competing with Flash, that is :D
Posted on Reply
#25
InVasMani
bug
The goes like this: Windows got a telemetry system and that told Microsoft most of the BSOD were cause by poor drivers. Thus WHQL was born. It wasn't meant to make drivers uncrackable, but to ensure drivers don't do outright stupid things. Judging by the number of BSODs I've seen in the past years WHQL did its job rather well.
And to reiterate my point, kernel drivers could always mess up a system and were always a vector of attack. Seeing someone reporting a vulnerability is nothing out of the ordinary. Unless the driver starts competing with Flash, that is :D
How dare you forget to include Java guess you left them out like Trump left Twitter out of his meeting how dare he do that decide who he wants at his own meeting that presidential bastard!
Posted on Reply
Add your own comment