Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-1074PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, R390 driver branch, contains a vulnerability in its installer where an attacker with local system access may replace an application resource with malicious files. Such an attack may lead to code execution, escalation of privileges, denial of service, or...
CVE-2021-1075PUBLISHED: 2021-04-21
NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of se...
CVE-2021-1076PUBLISHED: 2021-04-21NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.
CVE-2021-1077PUBLISHED: 2021-04-21NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.
CVE-2021-1078PUBLISHED: 2021-04-21NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.
User Rank: Apprentice
5/25/2017 | 3:54:15 PM
Patching yes is key, but the most important is still Security awarness. How did this worm get in? It was via unwarry email users opening emails and fillowing links or activating attachments that is the entry point of this vulnerability.
The problem is we in the community tend to close the barn door after the horse has run through the house.
We do not need to depend on more tech solutions (Patching exempt).
Time to start serious end user education and start to close down the weekest link.