The latest Nvidia drivers include security fixes for a handful of GPU display driver vulnerabilities in Windows and Linux, and should be downloaded as soon as possible. Several of them are of high severity and can lead to denial of service, privilege escalation, and information leakage.

Nvidia outlines six GPU display driver vulnerabilities fixed in the latest GeForce driver update (version 461.09 on Windows and 460.32.03 on Linux). The most serious of these vulnerabilities was found within the kernel mode layer handler of DxgkDdiEscape. This vulnerability is rated 8.4 on the widely used CVSS vulnerability rating scale because of the potential for denial of service and privilege escalation if a malicious actor were to enter the system and install it.

It is worth noting that this flaw can only be exploited locally and must be approached very closely to do so. As such, the vulnerability is actually rated quite low on the exploitability scale.

Still, this is a serious enough vulnerability that a note should be made to update your drivers immediately. Come on, now. I'll wait.

The latest Nvidia driver does not offer any new gaming support to make it safer, but it does patch a few other outstanding issues, including crashes and hangs on some systems.

Nvidia has noted additional vulnerabilities (also patched in this latest update) in the Nvidia VGPU software for virtual desktops. The most serious of these is rated 7.8, but it still requires a local attack and is therefore rated as unlikely to be exploitable.

While there is nothing to worry about here, it is an important precaution to keep your drivers updated, as well as to get the latest game-optimized drivers. The latest Nvidia drivers can be obtained from the official download page here.