Enhanced Security Tool Posted to Microsoft.com
- By Scott Bekker
- January 22, 2004
Microsoft posted a minor update this week of its free Microsoft Baseline Security Analyzer (MBSA) for download from its Web site.
MBSA 1.2 is the first new version in about a year of the tool for locally or remotely identifying common security misconfigurations and scanning for missing security updates in many of Microsoft's products. The original version of MBSA came out in early 2002.
New since version 1.1 are localized versions, additional product support and additional configuration checks. MBSA is now available for German, Japanese and French.
The tool now scans for security updates in Microsoft Office, Exchange Server 2003, several versions of MDAC and MSXML, the Microsoft Virtual Machine, all versions of BizTalk Server, Commerce Server 2000 and 2002, Content Management Server 2001 and 2002, Host Integration Server 2000 and 2004 and SNA Server 4.0.
Newly supported configuration checks cover the Internet Connection Firewall, Automatic Updates, Internet Explorer zones and the MBSA tool version.
MBSA, which works locally and remotely, is one of several technologies from Microsoft for scanning systems for security purposes. It replaced the Microsoft Personal Security Advisor (MPSA) of 2001 and is a superset of the HFNetChk tool.
It differs from Windows Update, which only covers critical updates for Windows, not less serious updates or updates for other Microsoft products such as SQL Server or Microsoft Office.
MBSA 1.2 is built to support use with Microsoft Software Update Services and with the security patch management in the SMS 2.0 Software Update Services Feature Pack. Use of the combinations, however, does leave certain holes in coverage.
Meanwhile, users of the different products get different results, due to each tool's reliance on different methods to determine whether an update is present. "Microsoft is working to resolve this inconsistency so that MBSA, Windows Update, Microsoft Software Update Services, and SMS security patch management will all use the same rules for determining the presence of an update on Windows systems," Microsoft's FAQ for MBSA says. For now, Microsoft recommends that users review security bulletins when discrepancies arise.
MBSA 1.2 runs on Windows 2000, Windows XP and Windows Server 2003 and can scan those platforms plus Windows NT 4.0. MBSA will not scan Windows 95, Windows 98 or Windows Me.
The download file, the FAQ and other resources are available here:
Scott Bekker is editor in chief of Redmond Channel Partner magazine.