This host is missing an important security update according to Microsoft Bulletin MS13-004.

Successful exploitation will allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Impact Level: System/Application

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms13-004

- An error within the System Drawing namespace of Windows Forms when handling pointers can be exploited to bypass CAS (Code Access Security) restrictions and disclose information. - An error within WinForms when handling certain objects can be exploited to cause a buffer overflow. - A boundary error within the System.DirectoryServices.Protocols namespace when handling objects can be exploited to cause a buffer overflow. - A double construction error within the framework does not validate object permissions and can be exploited via a specially crafted XAML Browser Application (XBAP) or an untrusted .NET application.

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0, 3.5, 3.5.1, 4 and 4.5

• http://secunia.com/advisories/51777/
• http://support.microsoft.com/kb/2742595
• http://support.microsoft.com/kb/2742596
• http://support.microsoft.com/kb/2742597
• http://support.microsoft.com/kb/2742598
• http://support.microsoft.com/kb/2742599
• http://support.microsoft.com/kb/2742601
• http://support.microsoft.com/kb/2742604
• http://support.microsoft.com/kb/2742607
• http://support.microsoft.com/kb/2742613
• http://support.microsoft.com/kb/2756918
• http://support.microsoft.com/kb/2756919
• http://support.microsoft.com/kb/2756920
• http://support.microsoft.com/kb/2756921
• http://support.microsoft.com/kb/2769324
• http://technet.microsoft.com/en-us/security/bulletin/ms13-004

---

Updated on 2015-03-25