As part of Microsoft's Strategic Technology Protection Program, and in response to direct customer need for a streamlined method of identifying common security misconfigurations, Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA).
Version 1.1 is the second release of MBSA and includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows 2000 and Windows XP systems and will scan for common system misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer (IE) 5.01 and later, and Office 2000 and 2002. MBSA will also scan for missing security updates for the following products: Windows NT 4.0, Windows 2000, Windows XP, IIS 4.0 and 5.0, SQL Server 7.0 and 2000, IE 5.01 and later, Exchange 5.5 and 2000, and Windows Media Player 6.4 and later.
What’s New in MBSA V1.1
The following features are new in MBSA V1.1:
Exchange and Windows Media Player security update detection
Full HFNetChk v3.81 support in the MBSA command line interface (mbsacli.exe)
Support for Software Update Services (SUS) during security update scans
Compatibility with SMS 2.0 Software Update Services Feature Pack
Detection for multiple SQL Server instances
MBSA uses the HFNetChk tool technology to scan for missing security updates and service packs for Windows, IE, IIS, SQL, Exchange, and Windows Media Player. MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.
For More Information (details on new features, scanning options, and bug fixes in V1.1) –
http://support.microsoft.com/default...b;en-us;320454
Version – 1.1 (English only)
Release Date – 4 December 2002
Estimated Download Size – 2.7 MB
Frequently Asked Questions (FAQ)
Please refer to the MBSA Q&A for answers to commonly asked questions about MBSA and other Microsoft security tools at:
http://www.microsoft.com/technet/sec...ls/mbsaqa.asp.
System Requirements
The following are the requirements when performing a local machine scan:
Windows 2000 or Windows XP
Internet Explorer 5.01 or greater
An XML parser is required (MSXML version 3.0 SP2 or later) for the tool to function correctly. Systems not running IE 5.01 or greater will need to download and install an XML parser to run this tool. MSXML version 3.0 SP2 can be installed during tool setup, otherwise, you can download and install a standalone version of the Microsoft XML parser from the following location:
http://msdn.microsoft.com/downloads/...mpositedoc.xml
The following services must be enabled: Workstation service and Server service
The following are the requirements for a computer running the tool that is scanning remote machine(s):
Windows 2000 or Windows XP
Internet Explorer 5.01 or greater
An XML parser is required (MSXML version 3.0 SP2 or later) for the tool to function correctly. Systems not running IE 5.01 or greater will need to download and install an XML parser to run this tool. MSXML version 3.0 SP2 can be installed during tool setup, otherwise, you can download and install a standalone version of the Microsoft XML parser from the following location:
http://msdn.microsoft.com/downloads/...mpositedoc.xml
The IIS Common Files are required on the computer on which the tool is installed if performing remote scans of IIS computers
The following services must be enabled: Workstation service and Client for Microsoft Networks
The following are the requirements for a computer to be scanned remotely by the tool:
Windows NT 4.0 SP4 and above, Windows 2000, or Windows XP (local scans only on Windows XP computers that use simple file sharing)
IE 5.01 or greater
IIS 4.0, 5.0 (required for IIS vulnerability checks)
SQL 7.0, 2000 (required for SQL vulnerability checks)
Microsoft Office 2000, XP (required for desktop application vulnerability checks)
The following services must be installed/enabled: Server service, Remote Registry service, File & Print Sharing
Reply With Quote