bind versions and update-security category availability

[cat54me]

Hi all,
I am running Bind 9.2.3 for an hosting company, there are a few hundreds 
domain zones on the server and in the log files there are lot of 
messages about denied DNS dynamic updates.

I would like to get rid of that entries.

It is pratically impossible to fix all misconfigured Windows clients and 
stop the DDNS updates attemps, since they are systems from all over the 
world and out of my control.

It looks like Bind 9.3.0 (final version is still to be released) has an 
"update-security" category that I could use to ignore the dynamic 
updates failures.

It would be great if that category would be backported to Bind 9.2.x, in 
particular to 9.2.4, which I think is going to be released soon.

Do you know if that will ever happen?

It looks like that category is even available in Bind 8.3.x (8.3.5 and 
newer), I wonder if there is a reason to not add it to Bind 9.2.x.

Is there any workaround for the current Bind 9.2.x versions, other that 
completely ignoring all the "security" category (which I don't think is 
a good idea)?

Thanks!