On April 20, 2026, security researcher Impulsive disclosed a significant vulnerability in GPU-Z, a hardware monitoring tool widely used by PC gamers. The tool's built-in TRIXX.sys driver can directly read and modify a computer's physical memory without requiring administrator privileges, which lets an attacker elevate privileges to the highest level on the system. The core of the vulnerability is the control code IOCTL 0x800060C4 in TRIXX.sys, which has an exceptionally low permission threshold. Attackers can exploit it by invoking kernel functions to redefine a PCI BAR, and then read or alter data in physical memory.
The driver also carries a valid EV digital signature that remains effective until 2028, which helps attackers bypass Windows security barriers. GPU-Z's creator, Wizzard, acknowledged that certain technical details are sound but contended that standard user programs cannot interact with the driver directly, and emphasized that administrator privileges are required to trigger the vulnerability. Wizzard is currently working on a patch to fix the vulnerability and urges users to remain vigilant.
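Because the driver's signature is valid, a signature check alone will not flag it, so defenders may want to know where it is registered. The following PowerShell inventory is an added example, not code from the researcher or from GPU-Z. It assumes the driver is registered as a kernel driver service whose image file is named TRIXX.sys (the name given above), and it will not find a copy that is on disk but not registered.

```powershell
# Added example: report registered kernel drivers whose image is TRIXX.sys.
# Assumption: the file name TRIXX.sys, taken from the article text.
$driverFile = 'TRIXX.sys'

function Resolve-DriverPath {
    param([string]$PathName)
    # Service image paths may carry an NT prefix or a SystemRoot-relative form.
    $p = $PathName.Trim('"') -replace '^\\\?\?\\', ''
    $p = $p -replace '^\\SystemRoot\\', "$env:SystemRoot\"
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

$report = Get-CimInstance -ClassName Win32_SystemDriver |
    Where-Object {
        $_.PathName -and
        ((Split-Path -Leaf (Resolve-DriverPath $_.PathName)) -ieq $driverFile)
    } |
    ForEach-Object {
        $path   = Resolve-DriverPath $_.PathName
        $exists = Test-Path -LiteralPath $path
        # Signature and hash are only available if the image is still on disk.
        $sig  = if ($exists) { Get-AuthenticodeSignature -LiteralPath $path }
        $hash = if ($exists) { (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash }
        [pscustomobject]@{
            Service         = $_.Name
            State           = $_.State        # Running / Stopped
            StartMode       = $_.StartMode    # Boot / System / Auto / Manual / Disabled
            Path            = $path
            OnDisk          = $exists
            SignatureStatus = $sig.Status     # 'Valid' does not mean the driver is safe
            Signer          = $sig.SignerCertificate.Subject
            CertNotAfter    = $sig.SignerCertificate.NotAfter
            SHA256          = $hash
        }
    }

if ($report) {
    $report | Format-List
} else {
    Write-Output "No registered kernel driver with image name $driverFile found."
}
```

A `Running` state means the driver is currently loaded; the reported SHA256 can be compared against the patched build once it is published.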
