The host is missing a critical security update according to Microsoft bulletin, MS15-130. The update is required to fix windows integer underflow vulnerability. The flaw is present in the windows, which fails to properly parse specially crafted fonts. Successful exploitation allows attackers to create new accounts with full user rights.