Nvidia rushed out a patch after it was discovered that when ShadowPlay, NvContainer or GameStream were enabled, anyone could modify files in the application's folder. At first, this might seem pretty minor, you might lose your custom profile for that sick new looter shooter you only bought a few days back, and maybe the app will become corrupted, but nothing much more should happen, in theory. However, once the malicious code has access to the folder, it can create a type of redirect called a symbolic link in the folder, which would allow it to modify any system file. This could lead to ransomware implanting itself into the root of the OS, leading to a fair few problems down the line for all the people who have it preinstalled on their PCs and don't know how to update the application.
For the 1% who don't know what GFE is, it's Nvidia's equivalent of AMD's Radeon Software or Intel's New Graphics Control Panel. Don't know what that it? They're applications that enable you to modify your GPU's setting in a modern, intuitive GUI. They also allow you to set custom profiles for different games and applications, e.g. turning off Freesync in CS:GO because its frame rate exceeds your monitor's native refresh rate, and update your GPU's drivers. A compromised GFE could have some dire implications for system stability if it installed modified drivers that allowed malware to have top-level access to your system.
This could lead to some serious problems down the line, as a significant number of systems will not be updated, whether it is due to poor maintenance or a lack of technical know-how from the end user. Also, a lot of people who have PCs with Nvidia hardware never read the tech press or, for that matter, visit Nvidia's website, so they would not see a press release or the articles urging people to update their vulnerable software. This will lead, inevitably, to another large scale attack akin to WannaCry, as I can't somehow imagine the NHS updating their Nvidia control panels.
Unlike holding out on Windows 7, there is no real reason to stick with the older software, unless you want your computer to be used to DDOS another megacorporation. Or maybe you're just a Radeon fanboy and want to annoy Jensen instead.
Just do it,