This host is missing important security update according to Microsoft Bulletin MS08-066.
Successful exploitation could allow an attacker to run arbitrary code in kernal mode with elevated privileges and take complete control of an affected system. Impact Level: System
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/Bulletin/MS08-066.mspx
The flaw exists due to the Ancillary Function Driver (afd.sys) not properly checking user supplied memory ranges before writing to them into location.
Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows Server 2003 Service Pack 2 and prior.
Updated on 2015-03-25
- Microsoft DirectAccess Security Advisory (2862152)
- Microsoft .NET Framework Privilege Elevation Vulnerability (2769324)
- ADODB.Stream object from Internet Explorer (KB870669)
- Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
- Microsoft DNS Resolution Remote Code Execution Vulnerability (2509553)