Press Release
NVIDIA resolves critical issues affecting Windows and Linux devices.
NVIDIA has released security upgrades to fix ten more bugs impacting the NVIDIA Virtual GPU (vGPU) management software in addition to six security holes discovered in Windows and Linux GPU display drivers.
The flaws make Windows and Linux systems vulnerable to attacks that could cause a denial of service, privilege escalation, data manipulation, or information disclosure.
Because all of these security flaws need local user access, potential attackers must first get access to susceptible targets via a different attack method.
Patching of eleven high severity vulnerabilities
Attackers can simply escalate privileges to obtain permissions above those provided by the OS after successfully exploiting one of the vulnerabilities fixed today.
Denial-of-service attacks or gaining access to otherwise inaccessible information can also be used to temporarily disable workstations running vulnerable drivers or software.
With the exception of the security flaws identified as CVE-2021-1052, CVE-2021-1053, and CVE-2021-1056 affecting the Linux GPU Display Driver for Tesla GPUs, which will start receiving an updated driver version on January 18, 2021, NVIDIA has patched all impacted software products and platforms.
The flaws have CVSS V3 base ratings ranging from 5.3 to 8.4, and NVIDIA has classified 11 of them as high-risk.
The risk assessment “is based on an average of risk across a broad set of deployed systems and may not represent the true risk of your local installation,” according to NVIDIA’s security alert.
To accurately assess the risk these vulnerabilities represent to your particular system configuration, the business further suggests speaking with an IT or security specialist.
The January 2021 Security Bulletin is a complete list of security problems that NVIDIA patched this month.
Several driver updates are accessible from hardware vendors.
NVIDIA advises users to use the security updates offered on the NVIDIA Driver Downloads page to upgrade their GeForce, NVIDIA RTX, Quadro, NVS, and Tesla GPU display drivers, as well as Virtual GPU Manager and guest driver software.
According to the business, certain consumers who choose not to manually fix the weaknesses might also get security upgrades bundled with Windows GPU display driver 460.84, 457.49, and 452.66 versions from their computer hardware vendors.
Users of the NVIDIA vGPU enterprise software must sign into the NVIDIA Enterprise Application Hub in order to download updates from the NVIDIA Licensing Center.
Today, January 19, 2021, Google released Chrome 88 to the Stable desktop channel, which contains security updates and the much awaited removal of Adobe Flash Player.
Chrome 89 is the newest Beta version, Chrome 88 has been moved to the Stable channel, and Chrome 90 will be the Canary version.
Users using desktop versions of Windows, Mac, and Linux can upgrade to Chrome 88 by selecting Settings -> Help -> About Google Chrome. When a new update becomes available, the browser will then check for it automatically and install it.
Removal of Flash Player from Chrome
On January 12th, 2021, Adobe Flash Player will no longer be supported, hence Google has totally removed Flash from the browser.
Organizations will no longer be able to use Enterprise policy to re-enable Flash Player in Google Chrome as a result of this change.
Since 2017, Google has been alerting consumers to the impending demise of Adobe Flash Player and recommending businesses to stop utilising it in their environments.
With this modification, Flash Player is no longer supported by the main platform for running Flash content.
FTP support was dropped
Due to its limited usage and lack of support for proxy or encrypted (FTPS) connections, Google decided to remove FTP support (ftp:/) from Chrome.
Because only “.1-.2%” of Chrome users actually utilise the FTP protocol, Google has been attempting to get rid of it since 2014.
With the introduction of a new “chrome:/flags/#enable-ftp” flag that determines whether or not FTP support is enabled, Google started deprecating FTP support with the release of Chrome 80.
In order to ensure that there would be no issues with accessing content on FTP sites during the epidemic, Google restored FTP support once more on April 9th, reversing the previous decision to disable it by default in Chrome 81.
“We will “undeprecate” FTP on the Chrome stable channel in light of the present problem. FTP, for instance, will resume operation “Asanka Herath, a Google software engineer, commented on a Chromium issue topic.
The browser no longer offers any FTP support as of the release of Chrome 88.
enhanced controls for the dark mode
Although Google Chrome has long supported operating system dark mode settings, not all of its controls have been converted to a dark mode style. Scroll bars and form controls are some of these controls.
With Chrome 88, the browser now uses a dark mode theme to display scroll bars and form controls.
increased protection against tabbing assaults
In order to prevent “tabnabbing” assaults, Chrome 88 will automatically apply the “noopener” context to links that open in new tabs when a user clicks on them. This attack technique is referred to as “tab-napping” by Google.
A security flaw called “tabbing” enables a freshly opened page to use javascript to send the user to a different URL from the one they were originally on. Any URL the threat actor chooses, such as phishing pages or pages that automatically download malicious files, might be used as the redirected URL.
HTML links can have a rel=”noopener” property added by web designers to stop a new tab from changing the referring page using JavaScript.
With the introduction of Google Chrome today, any links that open in a new tab will instantly have the rel=”nooopener” attribute applied to them.
New Tab search demonstration
The long-awaited capability of being able to search through all of your open tabs finally arrives in Chrome 88. When activated, a small down arrow will appear in a circle, and clicking it will launch a search dialogue.
Press Release
PE firm Insight Allies spends $290M for a bulk risk in CivicPlus, which provides software and also various other innovation to greater than 4,000 municipal governments (AJ Dome/Manhattan Mercury).
PE firm Insight Partners invests $290M for a majority stake in CivicPlus, which provides software and other technology to more than 4,000 municipal governments (AJ Dome/Manhattan Mercury)
AJ Dome / Manhattan Mercury:
PE firm Insight Partners invests $290M for a majority stake in CivicPlus, which provides software and other technology to more than 4,000 municipal governments — A Manhattan software business owner says a multimillion-dollar investment into the company will not change the company’s makeup.
Press Release
EXAMINING THE LINKS BETWEEN THE RATIONALIST COMMUNITY, WITH SLATE STAR CODEX BLOG AS ITS EPICENTER, AND INFLUENTIAL LEADERS IN TECH, INCLUDING OPENAI’S FOUNDERS (CADE METZ/NEW YORK TIMES)
Examining the links between the Rationalist community, with Slate Star Codex blog as its epicenter, and influential leaders in tech, including OpenAI’s founders — Slate Star Codex was a window into the psyche of many tech leaders building our collective future. Then it disappeared.
-
Social Media11 months agoWho is Rouba Saadeh?
-
Apps11 months agoWhy is Everyone Talking About Hindi Keyboards?
-
Apps11 months agoThings you need to know about Marathi keyboard today
-
Social Media11 months agoMati Marroni Instagram Wiki (Model’s Age, Net Worth, Body Measurements, Marriage)
-
Entertainment11 months ago12 Online Streaming Sites that Serve as Best Alternatives to CouchTuner
-
Apps11 months agoStuck with Your default Bangla keyboard? Isn’t it time for a change?
-
Entertainment11 months agoMovierulz Website: Movierulzz 2021 Latest Movies on Movierulz.com
-
Games9 months agoTop 7 Popular Puzzle and Card Games for Relaxing Your Brain on Mobile, Featuring Solitaire