This host is missing an important security update according to Microsoft Bulletin MS14-053.
Successful exploitation will allow attackers to cause a denial of service. Impact Level: Application
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/library/security/MS14-053
The flaw is due to an error within a hash generation function when hashing requests and can be exploited to cause a hash collision resulting in high CPU consumption via specially crafted requests.
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4.0, 4.5, 4.5.1 and 4.5.2
Get the vulnerable file version and check appropriate patch is applied or not.
Updated on 2015-03-25
- Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)
- Microsoft Client/Server Run-time Subsystem Privilege Elevation Vulnerability (978037)
- Microsoft Active Directory Federation Services Information Disclosure Vulnerability (2873872)
- Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
- Microsoft SQL Server Elevation of Privilege Vulnerability (2984340) - Remote