Short version I guess, securing individual hosts != securing the network. My own experience BTW is that this can also apply to Linux servers. It's quite easy to make a Linux network where everything has access to everything.
Hot Potato Exploit Gives Attackers the Upper Hand in Multiple Windows Versions http://news.softpedia.com/news/hot-...and-in-multiple-windows-versions-499192.shtml [Youtube videos showing exploit included]
Seems there's no download available for Windows 7 to mitigate this security flaw : https://support.microsoft.com/en-us/kb/968389
What you reckon this a fix? https://technet.microsoft.com/en-us/library/cc780885(v=ws.10).aspx I already disable the web auto discovery proxy services on all machines.