AMD to Get Rid of Catalyst Auto-Update Feature in 2013, Cites Security Concerns
It looks like somebody found a security vulnerability in the auto-update feature of AMD Catalyst Control Center (CCC), which notifies you of updates to Catalyst system software and directs you to the download page. AMD announced that it plans to discontinue the feature starting in 2013, and recommends that you get your driver updates the old-fashioned way: by keeping up with the news and getting your drivers from the internet. Due to the severity of the exploit, AMD recommended that users disable auto-updates in their current CCC configuration, or click on "skip" whenever it prompts you to update drivers. AMD stated:
AMD will be removing the auto-update notification functionality from versions of AMD Catalyst Control Center running under Windows Vista, Windows 7 and Windows 8, beginning in early 2013. Due to a minor security vulnerability in the auto-update notification, users are recommended to update to the latest AMD Catalyst driver release from the amd.com web site. Alternatively, users should (i) uncheck the "Automatically check for updates" option under AMD Catalyst Control Center > Information > Software Update, and (ii) choose to "Skip" notifications from the AMD Catalyst driver, which notifications recommend updating to the latest driver.
An [ethical?] hacker going by the Twitter handle @peterwintrsmith discovered a gaping security hole in NVIDIA's display driver service that allows ordinary local and remote users to gain administrator privileges in Windows. Mr. Winter-Smith posted a description and details of the exploit, in which he describes the NVIDIA Display Device server (NVVSVC) as listening on a pipe (a means by which different processes talk to each other) "pipensvr," which has a null/empty discretionary access control list (DACL, a security whitelist for users/groups), letting ordinary logged-in local and remote users (firewall permitting, and the remote admin has a local account) gain administrator rights to the system. In our opinion, the exploit is plausible, and could cut short winter breaks of a few in Santa Clara.

Author: justwater Time: 2012-12-29 10:15
OP, hurry up and run it through Baidu Translate, I'm counting on you.

Author: jocover Time: 2012-12-29 16:22
Anyone who wants it can take it and play with it.
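
The NVIDIA item above speaks of a "null/empty" DACL, but in Windows the two are opposites: a null DACL gives every caller full access, while an empty DACL (zero entries) grants none. As an added example (not from the original post or from the researcher's write-up), this Python code classifies a self-relative security descriptor from its raw bytes so an audit can flag the null case; the pipe names and descriptors are constructed samples.

```python
import struct

SE_DACL_PRESENT = 0x0004   # control flag: the descriptor has a DACL field
SE_SELF_RELATIVE = 0x8000  # control flag: fields are offsets, not pointers

def classify_dacl(sd):
    """Return "null", "empty" or "restricted" for a self-relative descriptor."""
    if len(sd) < 20:
        raise ValueError("descriptor header is 20 bytes")
    rev, _, control, _, _, _, dacl_off = struct.unpack_from("<BBHIIII", sd)
    if rev != 1 or not control & SE_SELF_RELATIVE:
        raise ValueError("expected a revision 1 self-relative descriptor")
    # No DACL at all: Windows grants every caller full access.
    if not control & SE_DACL_PRESENT or dacl_off == 0:
        return "null"
    if dacl_off + 8 > len(sd):
        raise ValueError("DACL offset outside the descriptor")
    # ACL header: AclRevision, Sbz1, AclSize, AceCount, Sbz2
    ace_count = struct.unpack_from("<BBHHH", sd, dacl_off)[3]
    # A DACL with zero ACEs grants nothing: the opposite of a null DACL.
    return "empty" if ace_count == 0 else "restricted"

def build_sd(dacl=None):
    """Constructed sample: descriptor with no owner, group or SACL."""
    control = SE_SELF_RELATIVE | SE_DACL_PRESENT
    header = struct.pack("<BBHIIII", 1, 0, control, 0, 0, 0, 20 if dacl else 0)
    return header + (dacl or b"")

# Constructed ACLs: one with no ACEs, one allowing only S-1-5-18 (LocalSystem).
EMPTY_ACL = struct.pack("<BBHHH", 2, 0, 8, 0, 0)
SYSTEM_SID = struct.pack("<BB6sI", 1, 1, b"\x00\x00\x00\x00\x00\x05", 18)
ALLOW_ACE = struct.pack("<BBHI", 0, 0, 8 + len(SYSTEM_SID), 0x001F01FF) + SYSTEM_SID
SYSTEM_ACL = struct.pack("<BBHHH", 2, 0, 8 + len(ALLOW_ACE), 1, 0) + ALLOW_ACE

# Hypothetical pipe names mapped to constructed descriptors.
SAMPLE_PIPES = {
    "demo_null": build_sd(None),
    "demo_empty": build_sd(EMPTY_ACL),
    "demo_system_only": build_sd(SYSTEM_ACL),
}

def world_accessible(pipes):
    """Names of pipes whose descriptor has a null DACL."""
    return sorted(n for n, sd in pipes.items() if classify_dacl(sd) == "null")

if __name__ == "__main__":
    for name, sd in SAMPLE_PIPES.items():
        print(name, classify_dacl(sd))
```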