The host is missing a critical security update according to Microsoft bulletin, MS15-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory or handle a specially crafted Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user.