Remote users might be able to gain administrator rights through it

Dec 27, 2012 08:58 GMT

Software security is very important nowadays, for consumers as well as business/government users, which means that security shortcomings are never disregarded when they are finally found.

In this particular case, the winter holidays have been cut short for the team responsible for NVIDIA's display drivers.

A hacker whose Twitter handle is @peterwintrsmith is the one responsible for the muted Christmas cheer.

Of course, he and his cohort would probably argue that NVIDIA is responsible for its own fate, so to speak, since it was its own fault that the gaping hole in the driver's security came to be in the first place.

And by hole in security we mean that the display driver service has a component that allows ordinary local and remote users to gain administrator privileges in Windows.

The exploit shows how the NVIDIA Display Device server (NVVSVC) can listen on a pipe through “\pipe\nsvr” (a means by which different processes talk to each other).

Since \pipe\nsvr has a null/empty discretionary access control list (DACL, a security whitelist for users/groups), ordinary users logged in on local and remote networks can usurp control of the system.
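For auditing, the two cases differ: with a NULL DACL (no DACL at all) Windows grants every caller full access, while an empty DACL (present but with no entries) grants access to nobody. The following is an added example, not code from the original article or the exploit, that classifies a self-relative security descriptor accordingly; the sample descriptors are constructed and the helper names are hypothetical.

```python
import struct

SE_DACL_PRESENT = 0x0004       # Control flag: the descriptor has a DACL field
ACCESS_ALLOWED_ACE_TYPE = 0x00
EVERYONE = "S-1-1-0"

def parse_sid(buf, off):
    """Decode the binary SID at buf[off:] into its S-1-... string form."""
    revision, count = buf[off], buf[off + 1]
    authority = int.from_bytes(buf[off + 2:off + 8], "big")
    subs = struct.unpack_from("<%dI" % count, buf, off + 8)
    return "-".join(["S", str(revision), str(authority)] + [str(s) for s in subs])

def classify_dacl(sd):
    """Return 'null', 'empty', 'everyone-allowed' or 'restricted'."""
    control, dacl_off = struct.unpack_from("<2xH12xI", sd, 0)   # 20-byte header
    # Flag clear or NULL pointer: no DACL exists, so the access check lets everyone in.
    if not control & SE_DACL_PRESENT or dacl_off == 0:
        return "null"
    ace_count, = struct.unpack_from("<4xH", sd, dacl_off)       # ACL header is 8 bytes
    if ace_count == 0:
        return "empty"          # a DACL with no ACEs grants nothing to anyone
    off = dacl_off + 8
    for _ in range(ace_count):
        ace_type, ace_size = struct.unpack_from("<BxH", sd, off)
        if ace_type == ACCESS_ALLOWED_ACE_TYPE and parse_sid(sd, off + 8) == EVERYONE:
            return "everyone-allowed"
        off += ace_size
    return "restricted"

# Constructed sample descriptors (self-relative, DACL placed right after the header).
def make_sd(dacl=None):
    offset = 20 if dacl is not None else 0
    return struct.pack("<BBHIIII", 1, 0, 0x8000 | SE_DACL_PRESENT, 0, 0, 0, offset) + (dacl or b"")

def make_acl(*aces):
    body = b"".join(aces)
    return struct.pack("<BBHHH", 2, 0, 8 + len(body), len(aces), 0) + body

def allow_ace(sid_bytes, mask):
    return struct.pack("<BBHI", 0, 0, 8 + len(sid_bytes), mask) + sid_bytes

SID_EVERYONE = bytes([1, 1, 0, 0, 0, 0, 0, 1]) + struct.pack("<I", 0)    # S-1-1-0
SID_SYSTEM = bytes([1, 1, 0, 0, 0, 0, 0, 5]) + struct.pack("<I", 18)     # S-1-5-18

if __name__ == "__main__":
    full = 0x001F01FF           # constructed access mask for the samples
    for sd in (make_sd(), make_sd(make_acl()), make_sd(make_acl(allow_ace(SID_EVERYONE, full)))):
        print(classify_dacl(sd))
```

The check looks only at allow entries for Everyone; other broad principals and deny entries are outside what this example covers.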

The reason we said that this discovery cut short the holiday of NVIDIA's driver team (most likely) is simple: they have to fix it as soon as possible.

Of course, the driver team isn't the only one working through the holidays, assuming recent reports are more than unsubstantiated rumors. December has turned out to be a very busy month.

We are referring to the murmurs that Intel is thinking of buying the GPU maker, and that NVIDIA's CEO would become the overall leader.

True, Paul Otellini did say he would retire in May 2013, which is the only reason that wild assumption was even made, but it is more likely that an insider will assume his position.