In mid-January, Microsoft released an updated version (1.2) of the Microsoft Security Baseline Analyzer, or MBSA. This free download is worth checking out because it runs on most modern Windows versions and performs basic local or remote scans on Windows systems (see Table 1 for more details), including scans for misconfigurations and missing security updates for lots of Windows platforms and products.
What makes version 1.2 interesting is a bunch of new features and functionality, including:
- In addition to an English version, MBSA 1.2 is also available in French, German, and Japanese (plus foreign-language updates to the supporting mssecure.xml file).
- New products that MBSA can scan include: Microsoft Office (local scans only, see the Product List for complete inventory of versions covered); Exchange Server 2003; MDAC versions 2.5 through 2.8; MS Virtual Machine; MSXML versions 2.5, 2.6, 3.0, and 4.0; BizTalk Server 2000, 2002, and 2004; Commerce Server 2000 and 2002; Content Management Server 2001 and 2002; Host Integration Server 2000, 2004, and SNA Server 4.0.
- Performs numerous additional configuration checks, including Internet Connection Firewall (ICF) configuration check; Automatic Updates configuration check; IE zone configuration checks; MBSA tool version check (looks for new versions of itself).
- MBSA 1.2 also supports new CLI switches, and can use multiple versions of the same file details to drive its scanning activity.
Although MBSA is by no means as complete as other for-a-fee security scanning tools (like Shavlik's HFNetChkPro or Enterprise Inspector, GFI LANGuard, NetIQ's Security Scanner, and so forth; here's a nice list) it's not bad at all when assessing basic security posture and health. If you don't already have another tool of this kind, it's definitely worth a try.
|Runs on:||Windows 2000, Windows XP, Windows Server 2003|
|IDs misconfigurations on:||Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS), SQL Server, Internet Explorer, Office|
|IDs missing updates on:||Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, IIS, SQL Server, IE, Exchange Server, Windows Media Player, Microsoft Data Access Components (MDAC), MSXML, Microsoft Virtual Machine, Commerce Server, Content Management Server, BizTalk Server, Host Integration Server, Office|
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.