I get a lot of questions about how to cost effectively analyze the current security state on a network. There are many realms to consider when it comes to assessing security, but one of the most important ones is that of host security and one of the most important tasks for maintaining host security is to make sure you have the latest security updates installed on all of your computers. A tool that can help you make this assessment is the Microsoft Baseline Security Analyzer (MBSA). The MBSA can also perform a basic security assessment of the configuration of your computers.
The Microsoft Baseline Security Analyzer 2.x is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.
Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Used by many leading third party security vendors including Tivoli, Patchlink and Citadel, MBSA on average scans over 3 million computers each week. Join the thousands of users that depend on MBSA for analyzing their security state.
Download the MBSA at: http://www.microsoft.com/downloads/details.aspx?FamilyId=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en
For more information about MBSA, check out: http://www.microsoft.com/technet/security/tools/mbsahome.mspx
I’ve included a short history of the MBSA v2 so that you know how it’s been updated since version 1.x:
MBSA 2.0 needed for Update Services compatibility: Users of Windows Server Update Services should update their MBSA to version 2.0 for compatibility.
New Features found in MBSA 2.0:
Severity Ratings
Locally and remotely scan for Office XP or later security updates
Added guidance for locating updates and necessary actions
CVE-IDs for supported updates
Improved help content
Windows Server Update Services compatibility
Automatic Microsoft Update registration and agent update
Support for detection of updates on 64bit Windows and Windows XP Embedded
What is MBSA 2.0.1?
MBSA 2.0.1 is an update to MBSA 2.0 to enable compatibility with the new Windows Update (WU) offline scan file. (For information on the new scan file, see http://support.microsoft.com/kb/926464.) This fix enables MBSA to download and read the new file format.
In order to run offline scans, MBSA 2.0 must have the scan file on the scanning machine. MBSA 2.0 automatically downloads this file if the scanning machine has Internet access. If not, the file must be downloaded and installed manually. MBSA 2.0.1 behaves in the same manner, except that it uses the new scan file.
MBSA 2.1 Beta 2 supports the following scenarios:
Installing on Windows 2000 SP4 through Windows Vista.
Security update scans
Local online scans on Windows 2000 SP4 through Windows Vista
Local offline scans on Windows 2000 SP4 through Windows Vista
Remote offline scans against Windows 2000 SP4 through Windows Vista
Remote online scans against Windows 2000 SP4 through Windows Server 2003
Local and remote VA scans against Windows 2000 SP4 through Windows Vista (32-bit and 64-bit)
HTH,
Tom
Thomas W Shinder, M.D.
Site: http://www.isaserver.org/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP – Microsoft Firewalls (ISA)