
      Hackers exploit gaping Windows loophole to give their malware kernel access

      news.movim.eu / ArsTechnica · Tuesday, 11 July, 2023 - 20:07


    Hackers are using open source software that’s popular with video game cheaters to allow their Windows-based malware to bypass restrictions Microsoft put in place to prevent such infections from occurring.

    The software comes in the form of two software tools that are available on GitHub. Cheaters use them to digitally sign malicious system drivers so they can modify video games in ways that give the player an unfair advantage. The drivers clear the considerable hurdle required for the cheat code to run inside the Windows kernel, the fortified layer of the operating system reserved for the most critical and sensitive functions.

    Researchers from Cisco’s Talos security team said Tuesday that multiple Chinese-speaking threat groups have repurposed the tools—one called HookSignTool and the other FuckCertVerifyTimeValidity. Instead of using the kernel access for cheating, the threat actors use it to give their malware capabilities it wouldn’t otherwise have.



      NVIDIA released the stable Linux 460.80 driver following their new GPU releases

      Liam Dawe · news.movim.eu / GamingOnLinux · Tuesday, 11 May, 2021 - 16:02 · 1 minute

    Following on from the news earlier that NVIDIA has released the RTX 3050 and RTX 3050 Ti for laptops, their new stable driver 460.80 is out for Linux.

    As always for NVIDIA, they push out a new driver right away to get Linux support for their GPUs hooked up day and date with the release. The 460.80 driver adds support for:

    • GeForce RTX 3050 Ti Laptop GPU
    • GeForce RTX 3050 Laptop GPU
    • T600 Laptop GPU
    • T1200 Laptop GPU
    • RTX A5000 Laptop GPU
    • RTX A4000 Laptop GPU
    • RTX A3000 Laptop GPU
    • RTX A2000 Laptop GPU

    It also includes some bug fixes:

    • Fixed a bug that could cause AddressSanitizer to report a heap-buffer-overflow during initialization of the OpenGL and Vulkan libraries.
    • Fixed a bug that could prevent a system from resuming from suspend when DisplayPort activity occurred while the system was suspended.
    • Fixed a regression that prevented eglQueryDevicesEXT from correctly enumerating GPUs on systems with multiple GPUs where access to the GPU device files was restricted for some GPUs.
    • Fixed a regression that could cause system hangs when changing display resolution on SLI Mosaic configurations.
    • Fixed a bug that could result in blank displays when driving multiple displays at the same resolution using active DisplayPort dongles.

    This is part of their "Production Branch", so it's good for everyone to upgrade. See the driver release page.

    Article from GamingOnLinux.com - do not reproduce this article without permission. This RSS feed is intended for readers, not scrapers.

      Open source Linux GPU drivers Mesa 21.1 released

      Liam Dawe · news.movim.eu / GamingOnLinux · Thursday, 6 May, 2021 - 08:47

    Developer Eric Engestrom has announced the availability of Mesa 21.1, the latest release for Linux open source graphics drivers powering Intel, AMD and more.

    In the very short announcement, Engestrom mentioned Mesa will now be back to regular releases with a point release for bug fixes "every other week" which will see Mesa 21.1.1 on May 19. If you want stability, it's usually best to wait for at least that first point release.

    As for what's new, as expected there's quite a lot including: RADV (AMD Vulkan driver) Variable Rate Shading, lots of RADV optimizations, Zink (OpenGL over Vulkan) saw a lot of expanded progress to bring it up to scratch and many smaller features and added hardware support.

    See more about Mesa on the official site. How soon you get an update will be distribution dependent. Arch pulls it in quite quickly, while the likes of Ubuntu would need a PPA added like the kisak-mesa fresh PPA.


      OpenGL on top of Vulkan with Zink to work with NVIDIA drivers on Linux

      Liam Dawe · news.movim.eu / GamingOnLinux · Thursday, 4 February, 2021 - 10:45

    Here's a short and sweet update on the work for Zink, the upcoming OpenGL on top of Vulkan implementation announced by Collabora which has been progressing steadily.

    As a quick refresher: Zink is a Mesa Gallium driver that leverages the existing OpenGL implementation in Mesa to provide hardware accelerated OpenGL when only a Vulkan driver is available. More on the why can be found here.

    Developer Mike Blumenkrantz has been hacking away at Zink code lately, after announcing back in November 2020 that Valve jumped in to fund more work on it. A fresh blog post is up where Blumenkrantz mentions the continued sponsorship from Valve, and as a result Zink can now run with NVIDIA GPUs on Linux, with the wording "So now zink+nvidia is a thing." See it in action below:

    [Image: Zink running on an NVIDIA GPU]

    Once it's ready, it's going to be extremely interesting to see what becomes of it.


      Raspberry Pi 4 Vulkan driver 'v3dv' continues advancing, watch the talk at FOSDEM 21

      Liam Dawe · news.movim.eu / GamingOnLinux · Thursday, 4 February, 2021 - 10:31 · 1 minute

    Interested in keeping up with the Vulkan driver development on the Raspberry Pi 4? We have a new update for you and an upcoming event you might want to watch.

    While the v3dv driver is now part of Mesa and was released along with Mesa 20.3.0 back in December 2020, work has not stopped on it. There were still plenty of areas it could improve upon, from features to performance, with developer Alejandro Piñeiro Iglesias writing on their blog about recent work.

    Some of what's new includes:

    • The following optional 1.0 features were enabled: logicOp, alphaToOne, independentBlend, drawIndirectFirstInstance, and shaderStorageImageExtendedFormats.
    • Added support for timestamp queries.
    • Added implementation for VK_KHR_maintenance1, VK_EXT_private_data, and VK_KHR_display extensions.
    • Added support for Wayland WSI.

    Interestingly it seems more developers are getting involved, as multiple features were hooked up by people not involved in the "core" team of the driver. Now it's in Mesa directly, anyone can get involved.

    The driver itself became a conformant Vulkan driver last year but they still had more testing to do to find bugs. As part of this the Order Independent Transparency demo from Sascha Willems is now working too (see Willems' Vulkan stuff here):

    [Image: the Order Independent Transparency demo running on v3dv]

    Additionally, the FOSDEM 21 event is this weekend and they will be doing a talk on Saturday, February 6 at 3PM UTC. The talk will cover the development story and current status of the driver, along with an overview of the design and the challenges of doing it.


      NVIDIA release the Vulkan Beta Driver 455.50.03, new extensions supported

      Liam Dawe · news.movim.eu / GamingOnLinux · Monday, 25 January, 2021 - 15:24 · 1 minute

    Need to be on the bleeding edge of what NVIDIA have to offer? They just released driver version 455.50.03, as part of their Vulkan Beta Driver series. This is actually the second driver released this month, with 455.50.02 appearing on January 19. Here's a look over all that's new in them together.

    Today's 455.50.03 release adds in support for these new Vulkan extensions:

    • VK_KHR_workgroup_memory_explicit_layout
      • This extension adds Vulkan support for the SPV_KHR_workgroup_memory_explicit_layout SPIR-V extension, which allows shaders to explicitly define the layout of Workgroup storage class memory and create aliases between variables from that storage class in a compute shader.
    • VK_KHR_zero_initialize_workgroup_memory
      • This extension allows the use of a null constant initializer on shader Workgroup memory variables, allowing implementations to expose any special hardware or instructions they may have. Zero initialization is commonly used by applications running untrusted content (e.g. web browsers) as a way of defeating memory-scraping attacks.

    The January 19 release with 455.50.02 added support for linear images in host-visible video memory, had two Windows bug fixes and one for Linux to fix "an issue with OpenGL where imported Vulkan buffers would fail with GL_OUT_OF_MEMORY when marked as resident".


    Reminder: This special Vulkan beta driver is where all the shiny new stuff goes in before making its way into the stable release for everyone. Really, it's mostly aimed at developers and serious enthusiasts. Unless you need what's in them, it's generally best to use the stable drivers.

    The newest stable versions of the main NVIDIA driver for Linux are at 460.32.03 released on January 7, 2021 from their "Production Branch" series or 455.45.01 released on October 17, 2020 from their "New Feature" series. Confused?


      Mali Midgard and Bifrost GPUs to get OpenGL 3.1 with Mesa 20.1 - first RC up

      Liam Dawe · news.movim.eu / GamingOnLinux · Thursday, 14 January, 2021 - 11:14 · 1 minute

    With the first Mesa release of 2021 for open source Linux GPU drivers upcoming with Mesa 20.1 hitting the Release Candidate stage, Collabora have been busy bringing up OpenGL on ARM Mali GPUs.

    This is coming with the Panfrost driver, which Collabora has been working on for some time now. While not officially conformant yet, as it seems they haven't gone through the conformance testing from The Khronos Group, they announced in a fresh blog post that both the Midgard and Bifrost GPU generations will see "non-conformant OpenGL ES 3.0 on Bifrost and desktop OpenGL 3.1 on Midgard (Mali T760 and newer) and Bifrost".

    Great news for open source drivers, as having expanded proper native OpenGL support means more devices with these Mali GPUs will be able to run increasingly advanced games and applications out of the box with Mesa drivers and a modern Linux distribution.

    You'll find these GPUs in various chips from the likes of AmLogic, Rockchip, Exynos, Allwinner and more.

    See the full blog post here.

    Going by the current roadmap for Mesa, we're expecting to see the final release of Mesa 20.1 with all the latest in open source graphics drivers for Linux in early February.


      Update your NVIDIA drivers due to multiple security issues found

      Liam Dawe · news.movim.eu / GamingOnLinux · Sunday, 10 January, 2021 - 12:00 · 1 minute

    Here's something we missed with the latest NVIDIA driver updates - turns out that NVIDIA had multiple security issues that they put out in a recent security bulletin. Multiple issues affect both Windows and Linux, across multiple versions of the official NVIDIA proprietary driver.

    The ones that affect the Linux desktop are:

    • CVE-2021-1052: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure."
    • CVE-2021-1053: "NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service."
    • CVE-2021-1056: "NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure."

    There are also some vGPU security issues, which also affect Linux, but they're not regular desktop stuff.

    If you want to make sure you're totally safe, you should update to the latest driver in the series you're using. Going by the information on the NVIDIA security page, you should be good on (or better) 460.32.03, which is the latest "Production Branch" driver, 450.102.04 and 390.141 being the latest Legacy driver.

    You can look out for future security info here from NVIDIA.


      AMD make switching between Vulkan drivers AMDVLK and RADV easier

      Liam Dawe · news.movim.eu / GamingOnLinux · Friday, 8 January, 2021 - 13:08 · 1 minute

    On Linux with AMD GPUs you can decide between the RADV and AMDVLK drivers for Vulkan API support, and it appears AMD want to make things a little easier for you.

    It can get a little confusing so here's the real basics: AMDVLK is the "official" external Vulkan driver developed by AMD, whereas RADV is part of Mesa and comes with most distributions by default. Sometimes certain games work better on one, sometimes on the other. Additionally, AMD only directly support Ubuntu and Red Hat, whereas Mesa with RADV focuses on everything they can.

    With the latest AMDVLK 2021.Q1.1 release, AMD has made switching between the two a little easier. With this driver installed, you only need to set an environment variable to tell whatever game or application you're using what driver to use with "AMD_VULKAN_ICD" set to either "AMDVLK" or "RADV". The default is AMDVLK of course, if none is set.

    Here are the highlights of this new driver release:

    New feature and improvement

    • Add AMD switchable graphics layer to switch AMD Vulkan driver between amdvlk and RADV
    • Update Khronos Vulkan Headers to 1.2.164
    • Navi21 performance tuning for game X-Plane, Madmax, Talos Principle, Rise of Tomb Raider, F12017

    Issue fix

    • RPCS3 Corruption observed on Game window on Navi10

    See more on GitHub.
