The host is installed with Windows 7 or Windows Server 2008 R2 x64 and is prone to spoofing vulnerability. A flaw is present in Kerberos implementation, which fails to correctly enforce stronger default encryption standards. Successful exploitation could allow a man-in-the-middle attacker to force a downgrade in Kerberos communication between a client and server.