The host is missing a Critical security update according to Microsoft security bulletin, MS10-046. The update is required to fix remote code execution vulnerability. A flaw is present in the Windows Shell, which fails to parse a malicious shortcut file and executes a malicious code when the operating system displays the icon of it. Successful exploitation allows an attacker to gain sensitive information such as same user rights as the logged-on user.