News

Enhanced Security Tool Posted to Microsoft.com

Microsoft posted a minor update this week of its free Microsoft Baseline Security Analyzer (MBSA) for download from its Web site.

MBSA 1.2 is the first new version in about a year of the tool for locally or remotely identifying common security misconfigurations and scanning for missing security updates in many of Microsoft's products. The original version of MBSA came out in early 2002.

New since version 1.1 are localized versions, additional product support and additional configuration checks. MBSA is now available for German, Japanese and French.

The tool now scans for security updates in Microsoft Office, Exchange Server 2003, several versions of MDAC and MSXML, the Microsoft Virtual Machine, all versions of BizTalk Server, Commerce Server 2000 and 2002, Content Management Server 2001 and 2002, Host Integration Server 2000 and 2004 and SNA Server 4.0.

Newly supported configuration checks cover the Internet Connection Firewall, Automatic Updates, Internet Explorer zones and the MBSA tool version.

MBSA, which works locally and remotely, is one of several technologies from Microsoft for scanning systems for security purposes. It replaced the Microsoft Personal Security Advisor (MPSA) of 2001 and is a superset of the HFNetChk tool.

It differs from Windows Update, which only covers critical updates for Windows, not less serious updates or updates for other Microsoft products such as SQL Server or Microsoft Office.

MBSA 1.2 is built to support use with Microsoft Software Update Services and with the security patch management in the SMS 2.0 Software Update Services Feature Pack. Use of the combinations, however, does leave certain holes in coverage.

Meanwhile, users of the different products get different results, due to each tool's reliance on different methods to determine whether an update is present. "Microsoft is working to resolve this inconsistency so that MBSA, Windows Update, Microsoft Software Update Services, and SMS security patch management will all use the same rules for determining the presence of an update on Windows systems," Microsoft's FAQ for MBSA says. For now, Microsoft recommends that users review security bulletins when discrepancies arise.

MBSA 1.2 runs on Windows 2000, Windows XP and Windows Server 2003 and can scan those platforms plus Windows NT 4.0. MBSA will not scan Windows 95, Windows 98 or Windows Me.

The download file, the FAQ and other resources are available here:
www.microsoft.com/technet/security/tools/mbsahome.asp

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.