Is GPU-Z Putting Personal Data at Risk? Not Really, but the Developer Responds
In recent days, the tool GPU-Z has come under scrutiny following the disclosure of a supposed critical vulnerability. The case was raised by user weezerOSINT, or more simply "impulsive," who described a rather alarming scenario related to the Trixx.sys driver through a series of posts on social media.
According to reports, an attacker could exploit this component to gain full access to the system, allowing them to read sensitive data directly from memory. Among the potentially exposed information would be passwords, session tokens, and browser-managed content, all of this without traditional security tools being able to detect the activity.
GPU-Z is on basically every gaming PC on earth. TechPowerUp makes it. They also make Sapphire TRIXX. What I found is insane... both ship TRIXX.sys. IOCTL 0x800060C4 calls HalSetBusDataByOffset with user-controlled bus, device, function, and offset. Any local process. No admin.
— impulsive (@weezerOSINT) April 14, 2026
The statements quickly drew the community's attention, especially due to one particularly delicate detail: the hypothetical attack would not require administrative privileges. This element significantly increases the risk of a successful attack.
"What can a malicious actor do with this? Steal passwords. Discord tokens. Browser sessions. Everything that Windows stores in RAM is directly readable by the hardware. Your antivirus never sees it because no protected process has been touched," the user wrote on X.
While much of the community has shown concern and alarm regarding the statements made by "impulsive," a small circle expressed skepticism towards the analysis. Thus, the colleagues at ComputerBase directly contacted the tool's developer, known as Wizzard from TechPowerUp.
The first thing the expert emphasized was that a standard user cannot access the information listed by "impulsive" because it is the driver itself that requires administrative permissions, which completely changes the scenario.
4 months ago I knew nothing about BYOVD / Malware or EDR, my skillset was Web / api oriented. It's nice to learn new things — impulsive (@weezerOSINT) April 14, 2026
On the other hand, it was the same user who later explained that he had only been involved in software security for four months and that his skills are "Web / api oriented." This, however, did not stop the discussion from continuing and culminating in a direct confrontation between "impulsive" and "Wizzard."
The software's creator admitted that while part of the analysis was incorrect and consequently the deductions false, in fact, some issues have emerged and he is already working on improving the program. At the same time, however, he also explained that a significant portion of the vulnerabilities are unsolvable because they are tied to how Windows manages drivers and are therefore intrinsic to the operating system.
In conclusion, we do not know if GPU-Z will include modifications in this regard, but it seems likely. After the exchange of opinions between the two on GitHub, it appears that Wizzard is trying to mitigate, as much as possible, the vulnerabilities of Windows with the upcoming update of the tool.
— impulsive (@weezerOSINT) April 14, 2026