Security Bulletin: NVIDIA GeForce Experience – March 2019

NVIDIA has released a software security update for NVIDIA® GeForce Experience™. This update addresses an issue that may lead to code execution, denial of service, or escalation of privileges. To protect your system, download and install this software update through the GeForce Experience Downloads page. Go to NVIDIA Product Security.

Details

This section summarizes the potential impact that this security update addresses. Descriptions use CWE™, and base scores and vectors follow CVSS V3 standards.

The NVIDIA risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk to your specific configuration.

Security Updates

The following table lists the software products and versions affected, and the updated versions that include this security update.

Download the updates from the GeForce Experience Downloads page, or open the client to automatically apply the security update.

Notes:

• Affected versions include the versions listed and all earlier branches and releases.
• If you are using an unsupported version or an earlier unsupported branch, upgrade to the latest supported version. To identify products that are no longer supported, contact NVIDIA Support.

Mitigations

None. See Security Updates for the versions to install.

Acknowledgements

CVE‑2019‑5674: NVIDIA thanks David Yesland of Rhino Security Labs for reporting this issue.