This host is missing a critical security update according to Microsoft Bulletin MS12-027.

Successful exploitation could allow an attacker to execute arbitrary code within the context of the application. Impact Level: System/Application

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms12-027

The flaw is due to an error within the ListView, ListView2, TreeView and TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls and can be exploited to corrupt memory.

Microsoft SQL Server 2008 Microsoft Visual Basic 6.0 Microsoft Commerce Server 2009 Microsoft SQL Server 2005 Service Pack 4 Microsoft SQL Server 2000 Service Pack 4 Microsoft Visual FoxPro 9.0 Service Pack 2 Microsoft Visual FoxPro 8.0 Service Pack 1 Microsoft Commerce Server 2007 Service Pack 2 Microsoft Commerce Server 2002 Service Pack 4 Microsoft Office 2010 Service Pack 1 and prior Microsoft Office 2007 Service Pack 3 and prior Microsoft Office 2003 Service Pack 3 and prior Microsoft SQL Server 2000 Analysis Services Service Pack 4

• http://secunia.com/advisories/48786
• http://technet.microsoft.com/en-us/security/bulletin/ms12-027
• http://www.securitytracker.com/id/1026904

---

Updated on 2015-03-25