Microsoft Baseline Security Analyzer
The Microsoft Baseline Security Analyzer (MBSA) tool allows you to scan client computers to determine if they have all currently available software updates installed. This tool allows administrators in environments that do not use a central update solution like WSUS to locate client computers that are not up to date with security updates. If you do not use a utility like the MBSA tool, you need to access Windows Update on each computer to determine whether a particular computer has all updates installed. The MBSA tool is important in the latter stages of an operating system's life cycle. This is because more updates are available for an operating system the longer that operating system is available, and it becomes increasingly time consuming to determine if a particular update is missing.
The MBSA tool can check a computer for updates based on Microsoft Update, or can scan a computer based on updates that were approved on a WSUS server. You can also use the MBSA tool to determine if there are problems with a computer's security configuration, such as whether common administrative vulnerabilities are present and weak passwords are set. You can use the MBSA tool to scan servers as well as clients, so it is possible to check for other vulnerabilities, such as those that are present in Internet Information Server (IIS) and Microsoft SQL Server. To scan a computer, you need to have administrator access on the local computer and administrator access on any remote computer that you are scanning. This requirement ensures that you cannot use the MBSA tool as an attack tool to scan other people's computers to determine which vulnerabilities they may possess. You cannot use version 2.1 and earlier of the MBSA tool to scan computers running Windows 7.
More Info MBSA
To get more information about the MBSA, consult the following Microsoft TechNet Web
page: http://technet.microsoft.com/en-au/security/cc184923.aspx.
MBSA 2.1.1 was released to support Windows 7 clients. It can run on and scan any of the following clients:
- Windows 2000
- Windows XP
- Windows Vista
- Windows Server 2003
- Windows Server 2003 R2
- Windows Server 2008
- Windows Server 2008 R2
After you've run at least a single report, the View Existing Security Scan Reports link will be enabled, allowing you to view past reports. If you click this link, it'll provide a list of all the reports that have been run. This list includes the computer name, the IP address, the overall assessment of the scan, and the date when it was run.
In this tutorial:
- Windows 7 and Other software Up to Date
- Understanding Windows Live
- Updates versus upgrades
- Why updates are important
- Windows Update
- Windows Update: The essentials
- Types of Updates
- Completing an Update
- Configuring automatic Updating
- Windows Update Applet and Functions
- Manually Install Updates Using Windows Update
- Action Center
- Updates Do Not Install Properly
- Other Windows Update Settings
- Configuring Windows 7 Update to Use a Proxy Server
- Can't Find Hidden Update
- Viewing and Changing Installed Updates
- Can't Uninstall Current Update
- Upgrade Windows Anytime
- Understanding Windows Server Update Services
- Windows Update Policies
- Updating Drivers
- Using Device Manager to Update Drivers
- Windows Update Driver Settings
- Windows 7 Service Packs
- Basic Service Pack Information
- Installation of Service Packs
- Installing and Removing Software
- Installation via CD or DVD
- Problem Installing from Disc
- Installation via Downloaded Program
- Viewing and Changing Programs
- Uninstalling Software
- Compatibility Issues in 64-Bit Version
- Upgrade Issues with 64-Bit Windows 7
- Other Program Compatibility Issues
- Side-by-Side Installs and Virtual Registries
- Removing Updates from Windows 7
- Thwarting Exploits with DEP
- Microsoft Baseline Security Analyzer
- Picking Computers to Scan
- Vulnerability Checks
- Installing MBSA
- Running the MBSA
- Running the MBSACLI
- MBSACLI Location
- Running in an Isolated Environment
- Using Windows Server Update Services
- WSUS Updates
- WSUS Requirements
- Installing, Configuring, and Using WSUS
- Adding the Application Server and Web Server (IIS) Roles
- Installing the Report Viewer
- Installing WSUS
- Configuring Group Policy Settings for WSUS
- Creating a GPO to Configure Clients to Use WSUS
- Verifying That Clients Are Using GPO Settings for WSUS
- Verifying That Clients Are Using GPO Settings with GPResult
- Creating Computer Groups on WSUS
- Approving Updates in WSUS
- Viewing WSUS Reports