In response to direct customer need for a streamlined method to identify common security misconfigurations, Microsoft offers the free Microsoft Baseline Security Analyzer (MBSA) scan tool. It includes a graphical and command line interface that can perform local or remote scans of Microsoft Windows systems.
MBSA 2.1 builds on previous versions by adding support for Windows Vista and Windows Server 2008. MBSA 2.1 also provides full 64-bit installation, scan tool and vulnerability assessment (VA) checks, improved SQL Server 2005 checks, and support for the latest Windows Update Agent (WUA) and Microsoft Update technologies. More information on the capabilities of MBSA 2.1 is available on the MBSA Web site.
MBSA 2.1 runs on Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP and Windows 2000 systems and will scan for common security misconfigurations on all Windows platforms and components including Internet Information Server (IIS) 5.0, and 6.0, SQL Server 7.0, 2000 and 2005, Internet Explorer (IE) 5.01 and later, and Office 2000, 2002 and 2003.
MBSA also scans for missing security updates, update rollups and service packs available from Microsoft Update.
Download the MBSA at:
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer