This host is missing a critical security update according to Microsoft Bulletin MS09-040.
Successful exploitation will allow attackers to execute arbitrary code with SYSTEM level privileges and completely compromise the affected system. Impact Level: System
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS09-040.mspx
An error occurs while parsing malicious IOCTL requests sent to the Message Queuing service (MSMQ) because the input data is not adequately sanitised before being passed into the buffer.
Microsoft Windows 2K Service Pack 4 and prior. Microsoft Windows XP Service Pack 2 and prior. Microsoft Windows 2003 Service Pack 2 and prior. Microsoft Windows Vista Service Pack 2 and prior.
- Microsoft Visio Information Disclosure Vulnerability (2834692)
- Microsoft Office Security Feature Bypass Vulnerability (2961033)
- Flaw in Certificate Enrollment Control (Q323172)
- Microsoft Windows Kernel Mode Drivers Privilege Escalation Vulnerabilities (979559)
- Microsoft .NET Framework Information Disclosure Vulnerability (2567951)