ADV190017

Описание

Executive Summary

Microsoft is aware of vulnerabilities that affect the Broadcom wireless chipset included in the Microsoft HoloLens device. The vulnerabilities could allow an unauthenticated attacker in physical proximity to cause a denial of service condition or execute code on a target system. The vulnerabilities were issued CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

To address this issue, Microsoft has included the updated Broadcom firmware in the latest HoloLens update.

Recommended Actions

Microsoft recommends that customers install the June security update for HoloLens. See the Security Updates table for the link to the update and more information.