The host is missing an important security update according to Microsoft security bulletin, MS14-025. The update is required to fix an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle passwords being distributed by Active Directory. Successful exploitation could allow attackers to decrypt the passwords and use them to elevate privileges on the domain.