Nvidia patches software driver, says GPUs not hit by chip flaws

Microsoft’s Jan. 2018 Patch Tuesday Lowdown
January 10, 2018
Ohio man indicted for using ‘Fruitfly’ malware to spy on Americans
January 10, 2018
This post was originally published on this site

(Reuters) – Nvidia Corp is having to adapt the software its graphics chips use to connect to other computers in response to the Spectre security threat, but its chief executive declared on Wednesday that its core products were not subject to the same risks as microprocessor makers such as Intel.

“Our GPUs are immune,” Jensen Huang, chief executive of Nvidia said during an event at the Consumer Electronics Show in Las Vegas, referring to graphics processor units (GPUs), the chip maker’s key product line.

“They are not affected by these security issues.”

Spectre is one of two chipset flaws, the other dubbed Meltdown, revealed by researchers last week which offer hackers opportunities to steal sensitive information from laptops, desktop computers, smartphones, tablets and internet servers.

The world’s top makers of microprocessors, also known as central processing units (CPUs), Advanced Micro Devices Inc, Softbank’s ARM Holdings have reported being potentially exposed to the Spectre flaw, while Intel Corp, the biggest of the three, has been hit by both.

Nvidia, the world’s leading maker of graphics chip processors (GPUs), said earlier in a blogpost that it is releasing software security patches for affected chipsets included GeForce, Tesla, Grid, NVS and Quadro. (bit.ly/2DeYzXN)

“Nvidia has no reason to believe that the NVIDIA GPU Display Driver is vulnerable to this (third) variant,” the company said, referring to Meltdown. A display driver is software that acts an interface between Nvidia chips and a screen.

Nvidia shares, down more than 1 percent in early trade, bounced back to gain 0.4 percent on the day after Huang’s statement. Intel shares were down 1.7 percent, while AMD, believed to be able to benefit from its rivals’ issues, gained 1.5 percent.


While the full extent of affected systems is not yet fully known, Cisco Systems Inc has said it has identified 18 vulnerable products and is looking for problems in nearly 30 other products, including switches and routers.

Affected companies, keen to quash any speculation that the flaws could require the replacement of millions of chips or provoke lawsuits caused by slowing computer performance, have been striving to play down the scale of the threat.

Software platforms have raced to supply initial patches to guard against microprocessor vulnerabilities, setting in motion a range of knock on effects as everyone from cloud-based datacenter providers to anti-virus companies have to rapidly adapt their own products to avoid freezing up users machines.

Nvidia’s actions are in this latter category of knock-on effects, Nvidia’s CEO said.

“Our driver is just software. Anybody who has software needs to patch,” Huang said. “I am absolutely certain our GPU is not affected. At this moment, I am absolutely certain our GPU is not affected.”

Intel and AMD have not disclosed the number of chips affected by the security flaws and AMD has said its products were at “zero risk” from Meltdown. ARM says that around 5 percent of more than 120 billion chips shipped since 1991 were impacted by Spectre and significantly fewer by Meltdown.

GeForce, Nvidia’s mainstay line of GPUs, is aimed at consumer markets and includes gaming chips. The Quadro chipsets are used for commercial workstations, while Tesla powers datacenters and is used for artificial intelligence processing such as that used in self-driving cars.

“Pretty much every modern processor is exposed somehow to these exploits,” Bernstein analyst Stacy Rasgon said.

“With Nvidia, the GPUs, it is not a hardware, my understanding is that it is a driver issue that they are fixing. But their processors like the Tegra and the Tesla, the ARM-based processors that they sell are going to be exposed to the Spectre exploits, just like everybody else.”

Additional reporting by Eric Auchard in Frankfurt and Laharee Chatterjee in Bengaluru; editing by Savio D’Souza and Patrick Graham