In the wake of Meltdown and Spectre essentially every major industry player has issued a security statement, and NVIDIA is no exception, especially as a hardware vendor. Their initial security bulletin last week disclosed that while their GPU hardware was thought to be “immune,” security updates to GPU drivers and affected ARM SoCs were forthcoming. Along with the standard updates and bugfixes, 390.65 brings some of those mitigations to the GPU display driver side.

Strictly-speaking, 390.65 brings a security update with mitigations for a variant of Spectre (CVE-2017-5753), and is applicable to GeForce, Quadro, and NVS products. NVIDIA did note that their GPU display driver is potentially susceptible to the second Spectre variant (CVE-2017-5715), and are working on a related future update. The reason for the Spectre-focused fixes from NVIDIA, despite the fact that these are GPU drivers and have nothing to do with the vulnerable CPU hardware, is that Spectre in particular is an attack that targets other programs and spies on their data via a side channel. Since the hardware problems allowing Spectre cannot be easily fixed, part of the industry-wide mitigation efforts include modifying critical software so that they can't be spied on by Spectre. GPU drivers in turn are especially compelling Spectre targets - and high priority fixes - since they have in-depth kernel access.

In any case, Tesla and GRID products are additionally affected; depending on the OS/virtualization platform, security updates for those are either already released or due to release by the end of the month.

Beyond GPU drivers, GeForce Experience has also received a beta 3.12 security update, with general availability expected next Monday. For NVIDIA’s other products, there are now security updates for SHIELD Tablet and SHIELD TV, as well as Tegra Jetson TK1, TX1, and TX2. Across all products, NVIDIA has only identified the TX2 as vulnerable to both Meltdown and Spectre, as opposed to just Spectre.

Moving on to the more typical driver updates, Fortnite is the Game Ready headliner for 390.65, which includes Shadowplay Highlights support for Fortnite's Battle Royale mode. 390.65 also brings support for the recently-announced NVIDIA Freestyle, a new GeForce Experience feature that applies post-processing filters to supported games. Currently, Freestyle, along with an updated Ansel, is only available in the beta GeForce Experience 3.12 when Experimental Features are enabled.

On the more minor side, 390.65 now features a pop-up balloon notification when an external GPU is connected or disconnected, as well as updates/additions to SLI profiles for DIRT 4, Total War: Warhammer II, and X-Morph Defense.

Wrapping up this driver update, NVIDIA has documented the following resolved issues:

  • Surfaces in Batman Arkham Knight are rendered incorrectly on a GeForce GTX 970.
  • Artifacts appear when using Gamestream on the GeForce GTX 1080 Ti, TITAN X (Pascal), and TITAN Xp.
  • On notebook Fermi GPUs, enabling stereoscopic 3D brings up error message pointing to the Stereo driver.

The updated drivers are available through the GeForce Experience Drivers tab or online at the NVIDIA driver download page. More information on this update and further issues can be found in the 390.65 release notes. More details on NVIDIA’s Meltdown and Spectre mitigations can be found through their Security Bulletin page.

Source: NVIDIA

Comments Locked


View All Comments

  • Anand_win - Tuesday, January 9, 2018 - link

    Installed on my machine with 980 sli and Sandy Bridge and had to reformat. Was planning to. No dice with a single Maxwell. It's one of my test / work rigs so I can't test any further.
  • Anand_win - Wednesday, January 10, 2018 - link

    Sorry about the double post but I can't edit the first one. Running Maxwell with Haswell and later archs is fine. Same with Pascal. We don't run games, just "cuda" worloads. Hope that it helps.
  • kn00tcn - Friday, January 12, 2018 - link

    what do you mean 'had to reformat'? there was no fast way to uninstall/install previous?
  • vidal6x6 - Wednesday, January 10, 2018 - link

    How much update to you guys test the DPC latency !??????????? I see this forum about ten years for now i don't find any item tell with you guys "have the friendly user back side".
  • Anand_win - Wednesday, January 10, 2018 - link

    vidal6x6, that's a very interesting idea but it depends on many variants mostly dependant on software. I'm very, very far from my confort zone and more than welcome to sugestions.
  • Beaver M. - Wednesday, January 10, 2018 - link

  • nevcairiel - Wednesday, January 10, 2018 - link

    For some reason not in the release notes, this driver finally fixes HDR behavior. HDR now properly activates and de-activates again in games or video players.
  • ricelid - Wednesday, January 10, 2018 - link

    Thanks for the info! That's exactly what I wanted to know.
  • edzieba - Wednesday, January 10, 2018 - link

    I'd expect any driver that straddles the user/kernel divide would be vulnerable to Spectre and derived exploits. You probably don't care too much (beyond possible breakout routes) about drivers that do not handle sensitive data - who cares if someone can read the values of your RGB LED controller! - but GPU drivers that may be doing GPGPU are obvious targets, as are any kind of storage driver.
  • chrishs - Wednesday, January 10, 2018 - link

    They handle the screen so don't look at any banking/other account details.
    It might loose encrypted content playable rights if the keys can be read, blue ray, netflix, hdcp.
    Can you refer to main (non-gpu) memory in speculatative graphics code ? ie nothing safe.

Log in

Don't have an account? Sign up now