GPU.zip Vulnerability Exposes Confidential Data on NVIDIA, AMD, and Intel GPUs

A recent study has exposed a critical security vulnerability affecting GPUs from all leading manufacturers. 

Researchers at four top American universities have uncovered “GPU.zip,” a cunning exploit that abuses built-in data compression in graphics cards to steal sensitive visual information. Major manufacturers NVIDIA, AMD, Intel and others are affected.

In the proof-of-concept attacks, the researchers remotely extracted usernames from Chrome browser sessions in as little as 30 minutes by manipulating compression in AMD Ryzen GPUs. They warn that GPU.zip could let hackers quietly steal passwords, emails, or other private data from countless unsuspecting users.

Tech giants were alerted about the vulnerabilities back in March 2023. But six months later, no patches have been released, leaving worldwide users susceptible to potential cyber-attacks.

By weaponizing inherent data compression that is automatically applied— often without user knowledge — the exploit capitalizes on a little-known GPU feature intended for innocent performance enhancement.

While complex, GPU.zip poses a dire global threat. Any computer, phone, or tablet with integrated or dedicated graphics is vulnerable. Thanks to tighter browser security constraints, only Firefox and Safari offer some protection.

Vishak
Meet Vishak, TechLog360's Content Editor and tech enthusiast. With a Computer Science degree and a passion for all things tech, Vishak delivers the latest in hardware, apps, and games with expertise. Trusted for his in-depth reviews and industry insights, he's your guide to the digital world. Off-duty, he's exploring photography and virtual gaming landscapes.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Exit mobile version