The host is missing a critical security update according to Microsoft security bulletin, MS10-051. The update is required to fix a remote code execution vulnerability. The flaws are present in the Microsoft XML Core Services (MSXML) which fails to handle HTTP responses. Successful exploitation allows an attacker to gain sensitive information such as same user rights as the logged-on user.