We have seen one Vista computer have hundreds of false-positive this morning associated with this update from yesterday. The specific event description is:
[SID: 20628] MSRPC Mutiple Headers detected. Traffic has been allowed from this application: C:\WINDOWS\system32\ntoskrnl.exe
The remote host is Windows Server 2003 R2 x64, which is printer server for us. Our other Vista (~10) computers don't have this problem and neither does our Windows XP SP3 (~300) computers. I would rather not create a firewall exception for MSRPC Multiple Headers threat (http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=20628), which would leave our clients valuable to this type of attack which has been suggested in a different post (http://www.symantec.com/connect/forums/sid-20628-msrpc-mutiple-headers-detected). I would like to see Symantec fix the problem with their recent update.