Tip

Microsoft Baseline Security Analyzer V1.2.1

This tip originally appeared on SearchWin2000.com, a sister site of SearchSmallBizIT.com.


Microsoft has released a new version of their Baseline Security Analyzer tool, developed in conjunction with Shavlik

    Requires Free Membership to View

Technologies. The MBSA (as it's commonly abbreviated) is a utility that performs security assessments on one or many different machines and produces detailed reports about its findings.

The reports produced by the tool not only include what has been scanned and what vulnerabilities were found, but how to fix them and what their likely impacts on the computer's security are. For instance, a vulnerability that is only available to a locally logged-in user is still considered a threat, but not as profound a threat as a remote network exploit.

MBSA runs on Windows 2000, XP and Server 2003 systems, and can scan for vulnerabilities in Windows NT 4.0, 2000, XP and Server 2003, including Small Business Server 2003. It does not need to be installed on the computer it is scanning, but the remote machine must have the Server, Remote Registry and File and Print Sharing services running. The scanning tool must be run locally as an administrator, and administrative shares must be enabled on a remote computer to be scanned.

The scan encompasses vulnerabilities in not only the underlying operating system, but in many common Windows components: IIS, SQL Server, Internet Explorer, Office, Exchange Server, Windows Media Player, the Microsoft Data Access Components (MDAC) layer, MSXML, Microsoft Virtual Machine (note that many newer installations of Windows do not have the Virtual Machine installed), Commerce Server, Content Management Server, BizTalk Server and Host Integration Server. Any missing service packs or patches for these products will be detected and recommended.

Aside from the GUI edition of the tool, there is also a command-line version named mbsacli (invoked from the folder where the tool has been installed). Note that the MBSA tool is not a patch manager; it does not download and install recommended fixes, but simply provides information to the administrator about what to download and how to install it.

The newest version of the tool is also designed to run on and analyze systems that have been patched with Windows XP Service Pack 2. The MBSA tool can be downloaded from www.microsoft.com/technet/security/tools/mbsahome.mspx. For details on how to write administrative scripts using the tool, see www.microsoft.com/technet/security/tools/mbsascript.mspx.


Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter. Check out his Windows 2000 blog for his latest advice and musings on the world of Windows network administrators – please share your thoughts as well!

Do you have comments on this tip? Let us know.


This was first published in December 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.