If you’re a GeForce Experience user who has left the program running over the last couple of days, you may want to restart it.
NVIDIA has released a patch for a critical vulnerability, which involves the software’s GameStream feature.
The vulnerability allows attackers (with local system access) to “corrupt a system file, which may lead to denial of service or escalation of privileges.”
Users can download/apply the update by either reloading GeForce Experience, or grabbing the patch directly from NVIDIA.
While this security flaw requires would-be attackers to have local user access and cannot be exploited remotely, it can still be abused via malicious tools dropped remotely on systems running vulnerable NVIDIA GFE versions.