News Stay informed about the latest enterprise technology news and product updates.

MBSA gets security boost

Microsoft has upgraded its Baseline Security Analyzer tool, which helps companies find security holes in their Windows' machines.

Microsoft upgraded its Baseline Security Analyzer to help enterprises identify common security misconfigurations...

in multiple Windows operating systems and checks for missing security updates across nearly all of Microsoft's enterprise software.

MBSA 1.2 has a graphical and command line interface that can perform local or remote scans of Windows systems. It supports alternate file versions, allowing multiple sets of file details to be checked during the security updates scan. MBSA also performs configuration checks on Internet connection firewall, automatic updates and the IE zone. Releases are now available for German, Japanese and French.

According to Microsoft, MBSA will scan:

  • Windows NT 4.0
  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • Internet Information Server (IIS) 4.0/5.0/6.0
  • SQL Server 7/2000
  • Internet Explorer (IE) 5.01 and later
  • Office 2000/2002/2003.

Microsoft says MBSA also scans for missing security updates in:

  • Windows NT 4.0
  • Windows 2000
  • Windows XP
  • Windows Server 2003
  • IIS
  • Microsoft SQL Server
  • Exchange
  • Internet Explorer
  • Windows Media Player
  • MDAC
  • Microsoft VM
  • Microsoft Office
  • Content Management Server
  • Commerce Server
  • Host Integration Server
  • BizTalk Server

The MBSA command line interface can be used to perform both MBSA scans (system configuration and security update checks) and HFNetChk scans (security update checks only). Microsoft says there are advantages to using MBSA: additional capabilities include examining Windows desktops and servers for common security best practices such as strong passwords; scanning servers running IIS and SQL Server for common security misconfigurations; and checking for misconfigured security zone settings in Microsoft Office and Internet Explorer.

Dig Deeper on Penetration testing, ethical hacking and vulnerability assessments

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.