The host is missing a critical security update according to Microsoft bulletin, MS16-145. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which improperly handles objects in memory. Successful exploitation could allow attackers to gain the same user rights as the current user, if the current user is logged on with administrative user rights.