Last month’s Patch Tuesday highlighted updates for older Windows versions to address vulnerabilities responsible for the WannaCry outbreak. This month’s Patch Tuesday shifts its focus to other technologies, with an update that addresses 54 vulnerabilities – including one in the augmented reality sphere.
One notable vulnerability in this month’s Patch Tuesday is CVE-2017-8584, a remote code execution vulnerability that deals with Microsoft’s augmented reality device known as HoloLens. This vulnerability is triggered when HoloLens improperly handles objects in memory when an attacker sends a specially crafted WiFi packet. In terms of prevalence, it is unlikely to cause much real world damage due to the niche nature of augmented reality devices. However, it still poses an interesting talking point and might be an indicator that these kinds of technology can potentially be used for malicious purposes.
Another important vulnerability addressed in this release was CVE-2017-8589, which is a remote code execution vulnerability that exists when Windows Search handles objects in memory. Attackers exploiting this vulnerability do so by sending specially crafted messages to the Windows search service. Successfully exploiting this flaw could allow an attacker to take control of the affected system. This vulnerability can potentially use the Windows Server Message Block (SMB) as an attack vector. However, unlike EternalBlue, the vulnerability is not in the SMB protocol itself.