This month's round of Microsoft's Patch Tuesday involves a total of 57 updates for security vulnerabilities, including patches for 19 critical flaws. Most of the patches address issues with Internet Explorer Edge, Windows, and Office.
But The Register points out there's also an interesting update for Microsoft's HoloLens device. It seems the headset suffered from a remote code execution vulnerability that could be exploited by sending a specially crafted WiFi packet to the device, without requiring any sort of authentication!
A remote code execution vulnerability exists when HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would need to send a specially crafted WiFi packet.