This host is missing an important security update according to Microsoft advisory (2861855).
Successful exploitation will allow remote attackers to bypass the security.
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/en-us/security/advisory/2861855
The flaw is due to security issue in Network-level Authentication (NLA) method in Remote Desktop Sessions.
Microsoft Windows 7 x32/x64 Service Pack 1 and prior Microsoft Windows Vista x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 x32/x64 Service Pack 2 and prior Microsoft Windows Server 2008 R2 x64 Edition Service Pack 1 and prior
Get the vulnerable file version and check appropriate patch is applied or not.
- Microsoft .NET Framework 'RC4' Information Disclosure Vulnerability (2960358)
- Microsoft Office Excel Axis and Art Object Parsing Remote Code Execution Vulnerabilities
- Internet Explorer version check
- Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability
- Microsoft's SQL Blank Password