Nvidia Warns Windows Gamers of GeForce NOW Flaw | Threatpost

Nvidia is red-flagging a high-severity flaw in its GeForce NOW application software for Windows. An attacker on a local network can exploit the flaw in order to execute code or gain escalated privileges on affected devices.

GeForce NOW is the brand used by Nvidia for its cloud-based gaming service, which enables real-time gameplay on desktops, laptops, Macs and Android devices. With an estimated user base of 4 million, the service is wildly popular in the gaming community.

In a Tuesday security advisory, Nvidia revealed a flaw in the popular service (CVE‑2020‑5992) that has a CVSS score of 7.3.

The bug stems from an “open-source software dependency” having to do with the OpenSSL library, which is a software library for applications that secure communications over computer networks against eavesdropping or which need to identify the party at the other end.

In this situation, OpenSSL library is vulnerable to binary planting attacks, according to Nvidia in its security advisory. Binary planting is a type of attack where the attacker “plants” a binary file that contains malicious code inside a (in this case local) file system, in order for a vulnerable application to load and execute it.

All versions prior to 2.0.25.119 are affected; users are urged to update to version 2.0.25.119.

“To protect your system, open the GeForce NOW application to automatically download the update and follow the instructions for applying it,” according to Nvidia.

Nvidia has recently faced various security issues in its gaming-friendly products. That includes two recent flaws in the Windows version of its GeForce Experience software. The most severe flaw of the two (CVE-2020-5977) can lead to a slew of malicious attacks on affected systems – including code execution, denial of service, escalation of privileges and information disclosure.

In October, Nvidia also released a patch for a critical bug in its high-performance line of DGX servers that could open the door for a remote attacker to take control of and access sensitive data on systems typically operated by governments and Fortune-100 companies.

Other Processor Security Issues

Chip manufacturers have deployed a slew of security updates this past week. A massive Intel security update on Tuesday, for instance, addressed flaws across a myriad of products – most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges. These critical flaws exist in products related to Wireless Bluetooth – including various Intel Wi-Fi modules and wireless network adapters – as well as in its remote out-of-band management tool, Active Management Technology (AMT).

Also this week, researchers unveiled a new way to steal cryptographic keys from Intel chips through a new side-channel attack, which they call PLATYPUS.

The attack stems from the ability to exploit the Intel Running Average Power Limit (RAPL) interface. RAPL allows monitoring and controlling the power consumption of the CPU and DRAM in software. By launching a side-channel attack against RAPL, researchers were able to not only distinguish different keys, but also reconstruct entire cryptographic keys.

Intel for its part said that the flaws (CVE-2020-8694 and CVE-2020-8695) are medium-severity. That’s in part due to the fact that in order to launch an attack, a bad actor would need to have local access to a device, and would need to be authenticated or privileged.

The chip-maker recommended that users of affected Intel CPUs update to the latest firmware version provided by the system manufacturer (a full list of affected Intel chips and updates can be found here).

“Intel recommends that users of affected Intel Processors install the updates provided by their software vendors,” according to Intel’s advisory. “In Linux, for the change to be effective it will require a reboot. If a reboot is not possible, Intel recommends changing the permissions of the affected sysfs attributes so that only privileged users can access them.”

Hackers Put Bullseye on Healthcare: On Nov. 18 at 2 p.m. EDT find out why hospitals are getting hammered by ransomware attacks in 2020. Save your spot for this FREE webinar on healthcare cybersecurity priorities and hear from leading security voices on how data security, ransomware and patching need to be a priority for every sector, and why. Join us Wed., Nov. 18, 2-3 p.m. EDT for this LIVE, limited-engagement webinar.