The host is installed with Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8 or Microsoft Windows Server 2012 and is prone to remote code execution vulnerability. A flaw is present in the the way that the Windows common control library (aka Comctl32.dll) handles allocating memory for data structures. Successful exploitation could allow attackers to execute remote code.