News

Enhanced Security Tool Posted to Microsoft.com

Microsoft posted a minor update this week of its free Microsoft Baseline Security Analyzer (MBSA) for download from its Web site.

MBSA 1.2 is the first new version in about a year of the tool for locally or remotely identifying common security misconfigurations and scanning for missing security updates in many of Microsoft's products. The original version of MBSA came out in early 2002.

New since version 1.1 are localized versions, additional product support and additional configuration checks. MBSA is now available for German, Japanese and French.

The tool now scans for security updates in Microsoft Office, Exchange Server 2003, several versions of MDAC and MSXML, the Microsoft Virtual Machine, all versions of BizTalk Server, Commerce Server 2000 and 2002, Content Management Server 2001 and 2002, Host Integration Server 2000 and 2004 and SNA Server 4.0.

Newly supported configuration checks cover the Internet Connection Firewall, Automatic Updates, Internet Explorer zones and the MBSA tool version.

MBSA, which works locally and remotely, is one of several technologies from Microsoft for scanning systems for security purposes. It replaced the Microsoft Personal Security Advisor (MPSA) of 2001 and is a superset of the HFNetChk tool.

It differs from Windows Update, which only covers critical updates for Windows, not less serious updates or updates for other Microsoft products such as SQL Server or Microsoft Office.

MBSA 1.2 is built to support use with Microsoft Software Update Services and with the security patch management in the SMS 2.0 Software Update Services Feature Pack. Use of the combinations, however, does leave certain holes in coverage.

Meanwhile, users of the different products get different results, due to each tool's reliance on different methods to determine whether an update is present. "Microsoft is working to resolve this inconsistency so that MBSA, Windows Update, Microsoft Software Update Services, and SMS security patch management will all use the same rules for determining the presence of an update on Windows systems," Microsoft's FAQ for MBSA says. For now, Microsoft recommends that users review security bulletins when discrepancies arise.

MBSA 1.2 runs on Windows 2000, Windows XP and Windows Server 2003 and can scan those platforms plus Windows NT 4.0. MBSA will not scan Windows 95, Windows 98 or Windows Me.

The download file, the FAQ and other resources are available here:
www.microsoft.com/technet/security/tools/mbsahome.asp

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

  • Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

    Businesses risk losing up to $87 million a year if they fail to catch up with AI innovation, according to the Couchbase FY 2026 CIO AI Survey released this month.