The Game Ready driver Nvidia released earlier this week for GeForce graphics cards ostensibly added new features announced at CES, like Nvidia FreeStyle filters, Ansel screenshot improvements, and ShadowPlay Highlights for Fortnite, Crossout, and Elex. But it quietly held another purpose, too: Protecting your data from hackers. Nvidia has patched its graphics cards to protect against the devastating Spectre attack that shook up the computing world over the past week.
Like its sister flaw, Meltdown, Spectre exploits how computer processors handle a task called “speculative execution” to gain access to sensitive data stored in your operating system’s protected kernel. But while Meltdown could be resolved by operating system patches, Spectre is harder to smack down, requiring individual software vendors to update potentially vulnerable applications. Nvidia discovered its GPU display driver software can fall prey to the Spectre CPU exploit—unsurprising, given how deeply graphics card software digs into your operating system kernel—and is pushing these updates to strengthen against it.
To be clear, Nvidia graphics hardware is not vulnerable to Meltdown or Spectre. This is a software patch to help protect against exploits against CPUs from Intel, AMD, and ARM.
These new drivers include initial mitigations against one of two known Spectre variants, CVE-2017-5753. As far as the second Spectre flaw, “Nvidia’s initial analysis indicates that the Nvidia GPU Display Driver is potentially affected by this variant,” the company says. “Nvidia expects to work together with its ecosystem partners on future updates for this variant.”
Consumer graphics cards aren’t the only hardware being patched to fight Spectre. Nvidia’s GeForce, Quadro, NVS, and Tesla cards on the R384 driver branch have fixes available now. Updated drivers for GRID users and Tesla card on the R390 branch will become available later this month.
Nvidia hasn’t said if the driver updates will affect performance, and we haven’t had time to test the new release with CES running this week. These initial fixes may not move the needle much, though. In a detailed breakdown of how Spectre fixes can slow down older PCs, Microsoft said that the mitigations for the first Spectre exploit—the one Nvidia’s new drivers protect against—have “minimal performance impact.” But strengthening Windows and CPU firmware against the second Spectre flaw slows down performance. Nvidia’s future software patches might not suffer the same fate; we’ll need to keep an eye on the situation as new fixes become available.