If all goes to plan, Microsoft will include a patch for the DNS Server Service flaw in its next security update...
Christopher Budd of the Microsoft Security Response Center said in a blog entry Thursday that a DNS patch is in the cards.
"We haven't seen any new information around attacks [but] the listing of updates slated for Tuesday does include the update we've been working on for this issue," he wrote. However, he added, "I do want to remind everyone that the information in the advance notification is subject to change, as we continue testing until we release on Tuesday."
The DNS Server Service flaw, which has been attacked on a limited scale in recent weeks, is particularly troublesome because it affects DNS servers, which do the work of resolving domain names to the actual IP addresses of the Web servers hosting the requested sites.
The DNS Server Service fix will be part of a patch rollout that includes two updates for Windows, three for Office, one for Exchange and one for CAPICOM and BizTalk. Many of the updates will address critical security holes, Microsoft said in an advance bulletin on its TechNet Web site.
Meanwhile, the software giant will update its malware removal tool and offer a Webcast on the Microsoft Web site Wednesday at 11 a.m. PT. Customers can use the Webcast to ask questions about the patches.
The company will also release one non-security, high-priority update for Windows on Windows Update (WU) and Software Update Services (SUS) and six non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).