The host is missing a critical security update according to Microsoft security bulletin, MS12-029. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted RTF data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.