A systems administrator manages a group of servers that use a specific model of network interface card (NIC). The NIC manufacturer has issued a security bulletin detailing a critical vulnerability in the driver that allows for remote code execution. The administrator has already ensured all operating system patches are applied. Which of the following is the most effective and appropriate next step to harden the servers against this specific threat?
Download and install the updated driver from the NIC manufacturer's support website.
Disable the affected NIC in the server's UEFI/BIOS settings.
Block all traffic from untrusted networks to the affected servers using a network firewall.
Re-install the NIC using the generic driver provided with the operating system.
The correct action is to download and install the updated driver from the NIC manufacturer's support website. Security vulnerabilities in hardware drivers are addressed by the hardware manufacturer, and they release updated drivers with the necessary security patches. Applying the vendor-specific driver update directly mitigates the known vulnerability. Disabling the NIC in the UEFI/BIOS would mitigate the risk, but it is not a practical solution as it would render the server's network connection unusable. Blocking traffic with a firewall is a good defense-in-depth strategy, but it does not fix the underlying vulnerability in the driver itself, which could potentially be exploited by other means. Using a generic driver from the operating system is incorrect because it will likely not contain the specific, critical security fix provided by the hardware vendor for their device.