Microsoft has patched 19 critical security issues in its regular round of security updates for July 2017.
The patch bundle addresses 54 issues in total, several of which allow for remote code execution.
This includes a flaw in Windows search that can be exploited with malicious messages, and a bug in the way Internet Explorer handles executable files and shared folders during remote operations.
No fewer than 12 critical memory corruption vulnerabilties in the Windows Scripting Engine component for Microsoft's web browsers are taken care of with the latest set of patches.
The Zero Day Initiative project said several of the patches were discovered as part of its bug hunting program.
One of the more oblique vulnerabilities patched today involves Microsoft's augmented reality device, the HoloLens.
A memory corruption flaw in the HoloLens software can be exploited by sending specially crafted wi-fi packets to fully compromise the device. No authentication is needed.
"On its own, that’s something to really delve into, but more than that, we now live in a world where Microsoft releases security patches for augmented reality headsets," ZDI wrote.
There is no known in the wild exploit for the HoloLens RCE, and the device is not in wide use.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=271&w=480&c=1&s=1)
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
