The host is missing a critical security update according to Microsoft security bulletin, MS12-078. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Windows kernel, which fails to handle the objects in memory. Successful exploitation could allow remote code execution if a user opens a specially crafted document or visits a malicious webpage that embeds TrueType font files.