This host is missing a critical security update according to Microsoft Bulletin MS10-041.
Successful exploitation will allow the attackers to forge an XML signature that will be accepted as valid or to bypass security restrictions. Impact Level: System/Application.
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/MS10-041
The issue is caused by an error in the XML Signature Syntax and Processing (XMLDsig) implementation that rely on the 'HMACOutputLength' parameter to determine the number of bytes of the signature to be verified.
Microsoft .NET Framework 3.5/SP 1 Microsoft .NET Framework 1.1 SP 1 Microsoft .NET Framework 1.0 SP 3 Microsoft .NET Framework 2.0 SP 1/SP 2
- Microsoft Windows SAMR Protocol Security Bypass Vulnerability (2934418)
- Microsoft Office Security Feature Bypass Vulnerability (2961033)
- Microsoft Exchange and Windows SMTP Service Denial of Service Vulnerability (981832)
- Microsoft Windows LSASS Denial of Service Vulnerability (975467)
- Microsoft OneNote Information Disclosure Vulnerability (2816264)