Microsoft Baseline Security Analyzer 1.1.1

[TS | Thomas]

Microsoft have posted a new version of the Microsoft Baseline Security Analyzer, bringing it up to version 1.1.1. New to this release is;

MBSA V1.1.1 adds local & remote scanning support for Windows Server 2003.

MBSA runs on Windows 2000, Windows XP, & Windows Server 2003 systems & will scan for common system misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS) 4.0 & 5.0, SQL Server 7.0 & 2000, Internet Explorer (IE) 5.01 & later, & Office 2000 & 2002. MBSA will also scan for missing security updates for the following products: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, IIS 4.0 & 5.0, SQL Server 7.0 & 2000, IE 5.01 & later, Exchange 5.5 & 2000, & Windows Media Player 6.4 & later.

Download Now. If you're having problems running it be sure to check our MBSA User Guide.

 

[Phantasm66]

I've just installed it. It looks exactly like the old one, and reported exactly the same results. But hey, its something free from Microsoft. And I guess it does have some helpful security advice.

Might you, all it really tells you is disable stupidly powerful things that you aren't using, and keep patching your machine with all of the latest upgrades and security patches. Basically, keep going to windowsupdate.microsoft.com . Funnily enough, I had kind of worked out that that was what you were supposed to do!

But its always good to see Microsoft trying to be security conscious. People DO rely on these products (Windows 2000 Server, etc) to drive some of their business, or hold research, or store important e-mail boxes. Its important that their creators keep trying to make them secure.

 

[Mictlantecuhtli]

Read A response to Bruce Schneier on MS patch management and Sapphire and think again how good a scanner it is..

 

[Phantasm66]

Microsoft Baseline Security Analyzer (MBSA) and Microsoft's version of
HFNetChk both failed to detect the presence of the well-known vulnerability
in SQL Server exploited by Sapphire, which is one of the reasons so many
admins (both inside and outside MS) had failed to install the necessary
hotfix. MBSA and HFNetChk are Microsoft's official patch status verification
tools meant to be used by all owners of Windows server boxes.

Ouch! If it won't even report that sort of problem, then perhaps you have to take it all with a bit of a pinch of salt.