The host is missing an important security update according to Microsoft security bulletin, MS13-094. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the expansion of S/MIME certificate metadata. Successful exploitation could allow attackers to disclose sensitive information such as the IP address and open TCP ports.