Picking Computers to Scan

You can run MBSA against a single computer or multiple computers in a network. When you choose to scan a single computer. You can identify the computer to scan based on the computer name or its IP address.

You'll need administrative access to scan any computers using MBSA, so if you're scanning remote computers, you should be logged on with an account that is in the remote computer's Administrators group.

Tip When running MBSA in a domain, you should use a domain account that is added to the Administrators group of the desktop computers Most organizations create a group that is automatically added to the local Administrators group on desktop computers that desktop support personnel manage.

If you instead click the Scan Multiple Computers link of MBSA. You can choose to scan all the computers in a domain or all the computers in a range of IP addresses.

When MBSA is run, it will first connect to a Microsoft website to download the MBSA detection catalog (wsusscn2.cab). This catalog includes information about all available updates and security vulnerabilities. It is used to compare the existing updates and confi gurations on individual clients with a list of security updates that have been released along with known vulnerabilities. If the catalog has already been downloaded, MBSA will check to be sure it is up to date.

Note You can download the wsusscn2.cab catalog directly from Microsoft's site using this link: http://go.microsoft.com/fwlink/?linkid=76054 This file can then be centrally located and used with the /catalog switch when using MBSACLI (the command-line equivalent of MBSA).

The previous version of the cabinet fi le was named wsusscan.cab and is still available. However, wsusscan.cab has not been updated since March 2007 and doesn't include updates and security vulnerabilities since then. You need to use the wsusscn2.cab fi le to ensure that you are checking against the most recent data.