Skip to main content

Microsoft issues its first HoloLens security patch in July’s Patch Tuesday

microsoft july 2017 patch tuesday hololens lowe s
Image used with permission by copyright holder
Recent malware attacks such as the WannaCry and Petya ransomware epidemics have highlighted the need to keep our PCs fully updated if we want to remain even remotely safe from attack. It doesn’t matter if you’re running Windows 10 or MacOS, there are threats popping up all the time that companies are responding to with security patches. But it is not just your PC — ancillary devices like the HoloLens augmented reality headset can also be vulnerable.

Tuesday was Microsoft’s usual Patch Tuesday, its time of the month when it issues its main security update for Windows systems. This time around, as Trend Micro points on in its security blog, it was not just the core Windows components that were inoculated against potential threats — HoloLens also received its very first security patch.

Recommended Videos

According to Microsoft’s security advisory, CVE-2017-8584 is a vulnerability involving remote code execution that was identified in HoloLens, whereby the device does not correctly handle a specific kind of attack that is delivered via Wi-Fi. Trend Micro reports that HoloLens use is not very widespread compared to PCs and other more popular devices, but this particular patch is notable for being the first reminder that such systems can represent yet another vector of attack.

In fact, HoloLens is particularly interesting from a security perspective because it is an entirely stand-alone device that does not use a PC or other device such as a smartphone to do its computing. Systems like Oculus Rift and the HTC Vive rely on PCs and their software is continuously being updated to fix potential security vulnerabilities. But this Patch Tuesday could very well be the first time a stand-alone AR system has received a security patch.

July’s Patch Tuesday was not all about HoloLens, of course. Internet Explorer also got the usual round of fixes, as did Microsoft’s Edge browser that is meant to succeed the older application. A fix for Windows Search, CVE-2017-8589, was also released to ward off attacks that could allow a nefarious party to take over an infected system.

While the HoloLens patch is applicable to far fewer people, the rest of Patch Tuesday’s fixes are — as always — vital and we recommend users keep automatic updates turned on so these and other fixes are applied immediately. The vulnerability behind both WannaCry and Petya was fixed in March for actively supported systems, and so anyone running Windows 10 and was fully patched did not have to worry about infection. However, running an obsolete and unsupported version of Windows or turning updates off was an easy way to see that horrifying ransomware notice pop up.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
The creators of the Arc browser are reimagining web browsers yet again
A screenshot of Dia being used on a Mac.

The people behind the Arc browser are recruiting for a new big project -- a second browser product powered by AI. It was hinted at recently, but now it's official. It's called Dia, and it's built around The Browser Company's belief that AI features can't be contained in a single app or behind a single button -- instead, software needs to built from the ground up with AI in mind.

The video the company posted is part product announcement and part recruitment video, and it teases a few features the new browser will have. It seems it will get all the now-usual AI features like an autocomplete-type feature that fetches facts from the web, as well as summary generation and idea generation.

Read more
These Cyber Monday stocking stuffers are now on sale
Two boys playing with a Simon Says Micro.

Christmas is upon us, and although there's a lot of heartfelt sentiment around the biggest holiday of the year, it also means something more material: gifting (!). If you're using Cyber Monday deals to start getting gifts, that's great — but most buys are usually too large to fit in a stocking (just try to fit one of these Cyber Monday Alienware deals in a sock!), and the prices can be way off.

How much should you spend on stocking stuffers? What is "allowed"? We rounded up a list of the best gifts to buy on Cyber Monday for your stocking-stuffing needs — all of which are tiny treasures that will undoubtedly be well-received and, in some cases, will generate a fun laugh.
Best Cyber Monday Sales

Read more
The Acer Aspire Go 15 Slim is sold out, so get this Acer Aspire Cyber Monday deal instead
Acer Aspire 3 Slim Laptop Cyber Monday deal

Not every laptop or desktop computer has to be built to tackle a super-heavy workflow or resource-heavy software suites. In fact, if you’re the kind of user who just needs a basic PC for web browsing, video chats, watching movies, and light gaming, we think the following offer may be of interest: For Black Friday and Cyber Monday, the Acer Aspire Go 15 was discounted by $100.

Unfortunately, that deal is sold out, but we found an Acer Aspire 3 Slim for $280 -- saving you over $40. It features a 15.6-inch full HD display, AMD Ryzen 3 7320U processor, 8GB of LPDDR5 RAM, and a 128GB NVMe solid-state drive. Honestly, it might be more impressive than the Aspire Go from the previous deal.

Read more