Microsoft Help and Support Center Remote Code Execution Vulnerability (2229593)

This host is missing a critical security update according to Microsoft Bulletin MS10-042.
Successful exploitation could allow remote attackers to inject malicious code in the Help and Support Center and execute arbitrary commands on a vulnerable system by tricking a user into visiting a specially crafted web page. Impact Level: System
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link,
The flaw is due to the error in 'MPC::HTML::UrlUnescapeW()' function within the Help and Support Center application (helpctr.exe) that does not properly check the return code of 'MPC::HexToNum()' when escaping URLs.
Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2003 Service Pack 2 and prior.