i started recieivng this in the log of my webserver. I have had this particular patch that is mentioned here since it came out in 2008. Is there anyhtign else i should do to handle this? Has this machien been compromised? Is it blocking it like it says? Thanks.
MSRPC Server Service RPC CVE-2008-4250 detected. here is the log when it started.
3/12/2012 10:31 Intrusion Prevention Critical Incoming TCP 77.10.224.240 00-00-00-00-00-00 192.168.3.2 00-15-5D-03-0A-19 C:\WINNT\system32\ntoskrnl.exe Vette69 TWEETY Default 3/12/2012 10:32 3/12/2012 10:32 [SID: 23179] OS Attack: MSRPC Server Service RPC CVE-2008-4250 detected.
3/12/2012 10:31 Active Response Major Incoming None 77.10.224.240 00-00-00-00-00-00 192.168.3.2 00-15-5D-03-0A-19 Vette69 TWEETY Default 3/12/2012 10:32 3/12/2012 10:32 Traffic from IP address 77.10.224.240 is blocked from 3/12/2012 10:32:27 AM to 3/12/2012 10:42:27 AM.
3/12/2012 10:31 Active Response Disengaged Information None None 112.216.83.58 00-00-00-00-00-00 0.0.0.0 00-00-00-00-00-00 Vette69 TWEETY Default 3/12/2012 10:33 3/12/2012 10:33 Active Response that started at 03/12/2012 10:23:12 is disengaged. The traffic from IP address 112.216.83.58 was blocked for 600 second(s).