Microsoft Baseline Security Analyzer (MBSA)
Microsoft is beginning to release useful security oriented tools. Microsoft Baseline Security Analyzer (MBSA) checks Windows NT 4 SP4 and up, Windows 2000, and Windows XP for common security vulnerabilities. MBSA can be installed on Windows 2000 and Windows XP. MBSA currently performs five checks:
- Hotfix checks : scans for missing hotfixes for Windows NT 4, Windows 2000, all system services, SQL 7.0, SQL 2000, and IE 5.01 and later.
- Password checks : checks for blank and weak passwords.
- Vulnerability checks : scans for security issues and common configuration mistakes in Windows operating systems (NT4, 2000, and XP).
- IIS checks : scans for security issues in IIS 4.0 and 5.0.
- SQL vulnerability checks : scans for security issues in SQL 7.0 and 2000.