Almost everyone is wrong about Nvidia’s GPU patch and the Spectre vulnerability
Let’s get straight to the point: Nvidia hasn’t released an update to patch the Spectre vulnerability in its GPU hardware, despite recent reports from leading outlets claiming it’s done just that.
Before you reach for the pitchforks, please hear us out. Nvidia technically doesn’t need to issue an upgrade, because its GPUs aren’t vulnerable to the Spectre bug – nor are they affected by the Meltdown exploit, which is exclusive to Intel chips.
That said, it decided to cover its bases by distributing an update designed to tighten the security of its software drivers, in a bid to mitigate the impact of the CPU-based Spectre bug – doing consumers a favour.
Related: CES 2018
The patch Nvidia released is for the drivers that let its GPUs work with operating systems like Windows, reports Reuters, adding that while they aren’t flawed, it’s updating them because they interact closely with vulnerable CPUs.
To Nvidia’s surprise, its good deed was met with harsh criticism from the media, with many publications falsely reporting that its standalone GPUs are at risk from Spectre, pulling the company into the firing line.
But now you know that isn’t true.
First uncovered by Google’s Project Zero security team back in 2017, Spectre is an underlying weakness in desktop and mobile chipsets manufactured by a number of top-grade suppliers, including ARM, AMD and Intel.
It’s similar to Meltdown, a flaw in modern Intel processors, which leaves a computer’s kernel memory data – the protected part of a system used to store sensitive information, like passwords – open to savvy hackers.
Related: A guide to the Meltdown and Spectre CPU flaws
Have you installed Nvidia’s driver update? Let us know over on Twitter @TrustedReviews.