The host is installed with Microsoft Office and is prone GDI+ heap overflow vulnerability. A flaw is present in the applications, which fail to handle a specially crafted EMF image file. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create new accounts with full user rights.