I keep getting emails from my firewall regarding the following:
Time: Tue Mar 08 12:49:05 2011 (CST)
Message: Policy Name: HTTP-proxy-00 Action: ProxyDrop: Reason: HTTP Body IPS match Source IP: 192.168.x.xxx Source Port: 2345 Destination IP: 18.104.22.168 Destination Port: 80 ips_msg: EXPLOIT Microsoft DirectShow QuickTime Atom Size memory corruption -1 signature_id: WG-1110555 threat_level: 80 signature_cat: http-client host: www.accurint.com
I have tried restarting my firewall, checking for viruses/malware on the workstations that are reporting this, yet find nothing. Is this an issue I should be worried about?
I am running a Windows Server 2003 controlled network, all workstations have Windows XP Pro w/ SP3 installed.
This is only one example of the email, if you need any more information, let me know.