The host is missing an important security update according to Microsoft security bulletin, MS15-039. The update is required to fix a same origin policy SFB vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to access sensitive user information, such as username or password and files on the hard drive.