New version of MBSA (1.2) available

In mid-January, Microsoft released an updated version (1.2) of the Microsoft Security Baseline Analyzer, or MBSA. This free download is worth checking out because it runs on most modern Windows versions and performs basic local or remote scans on Windows systems (see Table 1 for more details), including scans for misconfigurations and missing security updates for lots of Windows platforms and products.

What makes version 1.2 interesting is a bunch of new features and functionality, including:

  • In addition to an English version, MBSA 1.2 is also available in French, German, and Japanese (plus foreign-language updates to the supporting mssecure.xml file).
  • New products that MBSA can scan include: Microsoft Office (local scans only, see the Product List for complete inventory of versions covered); Exchange Server 2003; MDAC versions 2.5 through 2.8; MS Virtual Machine; MSXML versions 2.5, 2.6, 3.0, and 4.0; BizTalk Server 2000, 2002, and 2004; Commerce Server 2000 and 2002; Content Management Server 2001 and 2002; Host Integration Server 2000, 2004, and SNA Server 4.0.
  • Performs numerous additional configuration checks, including Internet Connection Firewall (ICF) configuration check; Automatic Updates configuration check; IE zone configuration checks; MBSA tool version check (looks for new versions of itself).
  • MBSA 1.2 also supports new CLI switches, and can use multiple versions of the same file details to drive its scanning activity.

Although MBSA is by no means as complete as other for-a-fee security scanning tools (like Shavlik's HFNetChkPro or Enterprise Inspector, GFI LANGuard, NetIQ's Security Scanner, and so forth; here's a nice list) it's not bad at all when assessing basic security posture and health. If you don't already have another tool of this kind, it's definitely worth a try.

More MBSA 1.2 Resources:
Download Links
Detailed White Paper

Table 1: MBSA Details
Runs on:Windows 2000, Windows XP, Windows Server 2003
IDs misconfigurations on:Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS), SQL Server, Internet Explorer, Office
IDs missing updates on:Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, IIS, SQL Server, IE, Exchange Server, Windows Media Player, Microsoft Data Access Components (MDAC), MSXML, Microsoft Virtual Machine, Commerce Server, Content Management Server, BizTalk Server, Host Integration Server, Office

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.

This was first published in February 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.