The host is missing a critical security update according to Microsoft security bulletin, MS16-011. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle exceptions when dispatching certain window messages. Successfully exploitation allows an attacker to probe the layout of the address space to bypass ASLR, could corrupt memory or spoof data.