The host is missing a critical security update according to Microsoft security bulletin, MS13-088. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service, read content from a different domain or zone, bypass the Same Origin Policy or ob ...