Windows 7 / Getting Started

The MBSA Console

MBSA is used to analyze one or more computers for vulnerabilities. MBSA scans for two categories of vulnerabilities: weak security configurations and missing security updates. This section focuses on using MBSA to scan for updates that should have been installed but have not been installed.

After installing MBSA, you can use it to scan all computers on your network or domain for which you have administrator access. To scan all computers on a specific subnet using your current user credentials, follow these steps:

  1. Start MBSA by clicking Start, pointing to All Programs, and then clicking Microsoft Baseline Security Advisor.
  2. On the Welcome To The Microsoft Baseline Security Analyzer page, click Scan Multiple Computers.
  3. On the Which Computers Do You Want To Scan? page, type the domain or workgroup name or the IP address range you want to scan. To speed up the scanning process, clear all check boxes except for Check For Security Updates. If you have a WSUS server on your network, you can further speed up the process by selecting the Advanced Update Services Options check box and the Scan Using Assigned Update Services Servers Only option to prevent unmanaged computers from being scanned.
  4. Click Start Scan. While MBSA performs the scan, it will keep you updated on the progress.
  5. After the scan is completed, the View Security Report page appears, listing the computers that were scanned.

Note If you do not have sufficient credentials on a computer, MBSA will display the IP address of the computer with the following message: User Is Not An Administrator On The Scanned Machine.

Missing security updates are marked by a red X, and missing service packs or update rollups are marked with a yellow X. A green check mark denotes a scan that was completed successfully with no missing updates found. Scan reports are stored on the computer from which you ran MBSA in the %UserProfile%\SecurityScans folder. An individual security report is created for each computer that is scanned.

During the scanning process, MBSA uses NetBIOS over Transmission Control Protocol/ Internet Protocol (TCP/IP) and Common Internet File System (CIFS) protocols to connect to computers, which requires TCP ports 135, 139, and 445 and User Datagram Protocol (UDP) ports 137 and 139. If a firewall blocks these ports between you and the target computers or if the computers have Internet Connection Firewall enabled and these ports have not been opened, you will not be able to scan the computers.

At the beginning of the scan, MBSA must retrieve an updated MBSA detection catalog (Wsusscan.cab) that provides information about updates and security vulnerabilities. By default, this file is retrieved from the Microsoft Web site at http://go.microsoft.com/fwlink/?LinkId=39043 and includes every current update available from Microsoft. If the computer is configured as a WSUS client, it will retrieve the file from your WSUS server instead.

[Previous] [Contents] [Next]

In this tutorial:

  1. Managing Software Updates
  2. Methods for Deploying Updates
  3. Windows Update Client
  4. Windows Server Update Services
  5. System Center Configuration Manager 2007 R2
  6. Manually Installing, Scripting, and Removing Updates
  7. Overview of Windows 7 Update Files
  8. How to Script Update Installations
  9. How to Remove Updates
  10. Deploying Updates to New Computers
  11. Other Reasons to Use a Private Network for New Computers
  12. Managing BITS
  13. BITS Behavior
  14. BITS Group Policy Settings
  15. Configuring the Maximum Bandwidth Served For Peer Client Requests Policy
  16. Managing BITS with Windows PowerShell
  17. Windows Update Group Policy Settings
  18. Configuring Windows Update to Use a Proxy Server
  19. Tools for Auditing Software Updates
  20. The MBSA Console
  21. MBSACLI
  22. Scheduling MBSA
  23. Troubleshooting the Windows Update Client
  24. The Process of Updating Network Software
  25. Assembling the Update Team
  26. Inventorying Software
  27. Creating an Update Process
  28. Discovering Updates
  29. Evaluating Updates
  30. Speeding the Update Process
  31. Retrieving Updates
  32. Testing Updates
  33. Installing Updates
  34. Removing Updates
  35. Auditing Updates
  36. How Microsoft Distributes Updates
  37. Security Updates
  38. Update Rollups
  39. Service Packs
  40. Microsoft Product Life Cycles