The host is missing an important security update according to Microsoft security bulletin, MS11-061. The update is required to fix cross-site scripting (XSS) vulnerability. A flaw is present in Remote Desktop Web Access which fails to properly validate a URL parameter. Successful exploitation allows remote attackers to disclose information or execute arbitrary code.