The latest zero-day flaw in the Windows DNS Server RPC interface implementation is a perfect example of the tug-o-war within the MSRC (Microsoft Security Response Center) about how much information should be included in the pre-patch advisory.
Using clues in the workarounds section of the advisory, Errata Security researcher David Maynor said he was able to pinpoint the source of the vulnerability without much trouble.
In the wake of Maynor's comments above, I asked the MSRC if there's a legitimate gripe that about the level of details included in its advisories and was told that it's a "delicate balancing act" to avoid giving too much clues while ensuring customers have adequate pre-patch protections.
It really must be a delicate balance. Usually within 24 hours of a patch being posted, the fix has been reverse-engineered and at least an underground exploit floating around for it. How many admins do you know that patch all of their servers within 24 hours of a show-stopper like this? Not many.
This does bring up an interesting point, though. How much can you give customers to protect themselves without giving the blackhats enough to start circulating exploits?