Microsoft Baseline Security Analyzer (MBSA)


Microsoft is beginning to release useful security oriented tools. Microsoft Baseline Security Analyzer (MBSA) checks Windows NT 4 SP4 and up, Windows 2000, and Windows XP for common security vulnerabilities. MBSA can be installed on Windows 2000 and Windows XP. MBSA currently performs five checks:



  • Hotfix checks : scans for missing hotfixes for Windows NT 4, Windows 2000, all system services, SQL 7.0, SQL 2000, and IE 5.01 and later.


  • Password checks : checks for blank and weak passwords.


  • Vulnerability checks : scans for security issues and common configuration mistakes in Windows operating systems (NT4, 2000, and XP).


  • IIS checks : scans for security issues in IIS 4.0 and 5.0.


  • SQL vulnerability checks : scans for security issues in SQL 7.0 and 2000.
The tool can be run in GUI mode ( mbsa.exe ) or more usefully for automated periodic checks, in command line mode (mbsacli.exe).

Leave a Comment

Your email address will not be published.

Scroll to Top