The host is missing a critical security update according to Microsoft security bulletin, MS15-114. The update is required to fix a heap-based overflow vulnerability. A flaw is present in the application, which fails to properly handle crafted jnt files. Successful exploitation allows attackers to execute an arbitrary code in the context of the current user.