This host is installed with Microsoft Office (with MS Word), which is prone to remote code execution vulnerability.
Remote attacker could exploit by persuading victim to open a crafted documents to corrupt memory and cause the application to crash, and also allow to execute arbitrary code with the system privileges of the victim. Impact Level : System
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link. http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx
Flaw is due to an error within the handling of malformed/crafted MS Word documents.
Microsoft Word 2002 (XP) with SP3 on Windows (All). Microsoft Word 2003 with SP3 on Windows (All).
- Microsoft Windows NSlookup.exe Remote Code Execution Vulnerability
- Microsoft Windows 32-bit Platforms Unspecified vulnerabilities
- Microsoft Windows Server 2003 OpenType Font Engine DoS Vulnerability
- Microsoft Excel 2007 Office Drawing Layer Remote Code Execution Vulnerability
- Microsoft Windows DNS Memory Corruption Vulnerability - Mar09