The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user.