The host is installed with Internet Explorer and VBScript and is prone to Remote Code Execution vulnerability.
Successful exploitation will allow remote attackers to execute arbitrary code via specially crafted attack. Impact Level: System
Apply the latest updates. For more information refer, http://technet.microsoft.com/en-us/security/advisory/981169
The flaw exists in the way that 'VBScript' interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, it allows arbitrary code to be executed in the security context of the currently logged-on user.
Microsoft Internet Explorer version 6.x, 7.x, 8.x
- Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness (971888)
- Microsoft's SQL Blank Password
- Microsoft Windows ActiveX Control Multiple Vulnerabilities (2647518)
- Microsoft Windows XP SP3 denial of service vulnerability
- Microsoft Autorun Arbitrary Code Execution Vulnerability (08-038)