Microsoft Baseline Security Analyzer 1.1.1

By Thomas McGuire on June 5, 2003, 3:31 PM
Microsoft have posted a new version of the Microsoft Baseline Security Analyzer, bringing it up to version 1.1.1. New to this release is;

MBSA V1.1.1 adds local & remote scanning support for Windows Server 2003.

MBSA runs on Windows 2000, Windows XP, & Windows Server 2003 systems & will scan for common system misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS) 4.0 & 5.0, SQL Server 7.0 & 2000, Internet Explorer (IE) 5.01 & later, & Office 2000 & 2002. MBSA will also scan for missing security updates for the following products: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, IIS 4.0 & 5.0, SQL Server 7.0 & 2000, IE 5.01 & later, Exchange 5.5 & 2000, & Windows Media Player 6.4 & later.

Download Now. If you're having problems running it be sure to check our MBSA User Guide.




User Comments: 3

Got something to say? Post a comment
Phantasm66 said:
I've just installed it. It looks exactly like the old one, and reported exactly the same results. But hey, its something free from Microsoft. And I guess it does have some helpful security advice.Might you, all it really tells you is disable stupidly powerful things that you aren't using, and keep patching your machine with all of the latest upgrades and security patches. Basically, keep going to windowsupdate.microsoft.com . Funnily enough, I had kind of worked out that that was what you were supposed to do!But its always good to see Microsoft trying to be security conscious. People DO rely on these products (Windows 2000 Server, etc) to drive some of their business, or hold research, or store important e-mail boxes. Its important that their creators keep trying to make them secure.
Mictlantecuhtli said:
Read [url=http://msgs.securepoint.com/cgi-bin/get/bugtraq0303/163
html]A response to Bruce Schneier on MS patch management and Sapphire[/url] and think again how good a scanner it is..
Phantasm66 said:
[quote]Microsoft Baseline Security Analyzer (MBSA) and Microsoft's version ofHFNetChk both failed to detect the presence of the well-known vulnerabilityin SQL Server exploited by Sapphire, which is one of the reasons so manyadmins (both inside and outside MS) had failed to install the necessaryhotfix. MBSA and HFNetChk are Microsoft's official patch status verificationtools meant to be used by all owners of Windows server boxes.[/quote]Ouch! If it won't even report that sort of problem, then perhaps you have to take it all with a bit of a pinch of salt.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.