Problem solve Get help with specific problems with your technologies, process and projects.

New version of MBSA (1.2) available

Some of the new features of the newest version of MBSA.

In mid-January, Microsoft released an updated version (1.2) of the Microsoft Security Baseline Analyzer, or MBSA. This free download is worth checking out because it runs on most modern Windows versions and performs basic local or remote scans on Windows systems (see Table 1 for more details), including scans for misconfigurations and missing security updates for lots of Windows platforms and products.

What makes version 1.2 interesting is a bunch of new features and functionality, including:

  • In addition to an English version, MBSA 1.2 is also available in French, German, and Japanese (plus foreign-language updates to the supporting mssecure.xml file).
  • New products that MBSA can scan include: Microsoft Office (local scans only, see the Product List for complete inventory of versions covered); Exchange Server 2003; MDAC versions 2.5 through 2.8; MS Virtual Machine; MSXML versions 2.5, 2.6, 3.0, and 4.0; BizTalk Server 2000, 2002, and 2004; Commerce Server 2000 and 2002; Content Management Server 2001 and 2002; Host Integration Server 2000, 2004, and SNA Server 4.0.
  • Performs numerous additional configuration checks, including Internet Connection Firewall (ICF) configuration check; Automatic Updates configuration check; IE zone configuration checks; MBSA tool version check (looks for new versions of itself).
  • MBSA 1.2 also supports new CLI switches, and can use multiple versions of the same file details to drive its scanning activity.

Although MBSA is by no means as complete as other for-a-fee security scanning tools (like Shavlik's HFNetChkPro or Enterprise Inspector, GFI LANGuard, NetIQ's Security Scanner, and so forth; here's a nice list) it's not bad at all when assessing basic security posture and health. If you don't already have another tool of this kind, it's definitely worth a try.

More MBSA 1.2 Resources:
Download Links
Detailed White Paper

Table 1: MBSA Details
Runs on: Windows 2000, Windows XP, Windows Server 2003
IDs misconfigurations on: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS), SQL Server, Internet Explorer, Office
IDs missing updates on: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, IIS, SQL Server, IE, Exchange Server, Windows Media Player, Microsoft Data Access Components (MDAC), MSXML, Microsoft Virtual Machine, Commerce Server, Content Management Server, BizTalk Server, Host Integration Server, Office

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.

Dig Deeper on Enterprise desktop management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.