The other possible reason is that you have a proxy set somewhere upstream that's filtering out the DNS resolution. My company provides that sort of "service", blocking various named servers (as an example, anything that dyndns.org serves out), but not the IP addresses that those hosts eventually point to. For example, I can get to my home machine if I know what my router's IP address is (external IP address - aka the one that my ISP gives me), but I can't get to it through my dyndns.org domain name.
However, that will depend on whether you've actually got that kind of service between your machine and the wild internet.
edits:
It is feasible that since security related sites provide "untested" software (by a giant multinational corporate site), that they may blanket block all of .microsoft.com to prevent it's users from downloading said "untested" patches. Yes, this happens. Particularly by overzealous Security Departments whose primary purpose to the company appears to be to shout "NO" while banging fists on a desk. Similar story for anti-malware sites. While it is almost always misguided, the situations eventually (but can take literally years) work themselves out. I have personally seen this sort of scenario occur in my company - we're a very large company that develops software, among other things.
Change your DNS server, flush your DNS caches, get rid of malware. – Daniel Beck – 2011-01-24T09:13:29.283
Maybe u are using opendns.com or some other dns. – Kangarooo – 2011-01-25T01:21:14.563