This host is missing a critical security update according to Microsoft Bulletin MS10-065.

Successful exploitation could allow remote attackers to bypass restrictions, create a denial of service condition or compromise a vulnerable web server. Impact Level: System/Application

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS10-065

- a stack overflow error in the ASP script processing code when processing specially crafted URL requests sent to active server pages, which could be exploited to cause a denial of service. - a buffer overflow error in the FastCGI module when processing malformed HTTP headers, which could be exploited by remote attackers to take complete control of the affected system via a specially crafted request. - an error when processing specially crafted URLs, which could be exploited to bypass authentication.

Microsoft Windows 7 Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows 2K3 Service Pack 2 and prior. Microsoft Windows Vista Service Pack 2 and prior. Microsoft Windows Server 2008 Service Pack 2 and prior. Microsoft Internet Information Services (IIS) version 5.1 Microsoft Internet Information Services (IIS) version 6.0 Microsoft Internet Information Services (IIS) version 7.0 Microsoft Internet Information Services (IIS) version 7.5

• http://support.microsoft.com/kb/2124261
• http://technet.microsoft.com/en-us/security/bulletin/MS10-065
• http://www.vupen.com/english/advisories/2010/2386

---

Updated on 2015-03-25