Microsoft patches HoloLens WiFi security vulnerability and over 50 other bugs

Posted on Wednesday, July 12 2017 @ 14:08 CEST by Thomas De Maesschalck

This month's round of Microsoft's Patch Tuesday involves a total of 57 updates for security vulnerabilities, including patches for 19 critical flaws. Most of the patches address issues with Internet Explorer Edge, Windows, and Office.

But The Register points out there's also an interesting update for Microsoft's HoloLens device. It seems the headset suffered from a remote code execution vulnerability that could be exploited by sending a specially crafted WiFi packet to the device, without requiring any sort of authentication!

A remote code execution vulnerability exists when HoloLens improperly handles objects in memory. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted WiFi packet.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!