This host is missing important security update according to Microsoft Bulletin MS08-066.
Successful exploitation could allow an attacker to run arbitrary code in kernal mode with elevated privileges and take complete control of an affected system. Impact Level: System
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/Bulletin/MS08-066.mspx
The flaw exists due to the Ancillary Function Driver (afd.sys) not properly checking user supplied memory ranges before writing to them into location.
Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows Server 2003 Service Pack 2 and prior.
Updated on 2015-03-25
- Microsoft Data Access Components Remote Code Execution Vulnerabilities (2560656)
- Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)
- Microsoft .NET Framework Remote Code Execution Vulnerability (2745030)
- Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)
- Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)