This host is missing an important security update according to Microsoft advisory (2861855).
Successful exploitation will allow remote attackers to bypass the security.
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/advisory/2861855
The flaw is due to security issue in Network-level Authentication (NLA) method in Remote Desktop Sessions.
Microsoft Windows 7 x32/x64 Service Pack 1 and prior Microsoft Windows Vista x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
Get the vulnerable file version and check appropriate patch is applied or not.
- Microsoft Sidebar and Gadgets Remote Code Execution Vulnerability (2719662)
- Computer Associates WebScan ActiveX Control Multiple Remote Code Execution Vulnerabilities
- Adobe Acrobat 9 PDF Document Encryption Weakness Vulnerability (Win)
- Cisco VPN Client Privilege Escalation Vulnerability
- Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability