Microsoft Baseline Security Analyzer 1.2.1


roadrage
09-12-2004, 05:39 PM
Hello:
Just wondering if anybody else uses this besides me, and what you think of it.
I used an earlier version, but it did not work; the update does, even though I am still running SP1 and waiting for my CD to load SP2.


Microsoft Baseline Security Analyzer 1.2.1
New version, MBSA 1.2.1, needed for Windows XP SP2 compatibility: Users of Windows XP Service Pack 2 will need to update their MBSA to version 1.2.1 for compatibility with SP2 security improvements. Windows XP SP2 users who are running MBSA 1.2 will be automatically notified when they run the tool from the Start menu with an Internet connection. MBSA is the free, best practices vulnerability assessment tool for the Microsoft platform. It is a tool designed for the IT Professional that helps with the assessment phase of an overall security management strategy. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems.

Download:
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Oops:

Just saw this post but no replies:
http://www.mypcclinic.com/forums/showthread.php?t=6040

mfarley
09-13-2004, 01:13 PM
I have never run the MBSA and never have had a need to. Doubt it will hurt, but it'll be just one more thing on your machine.

Cheers,
Mike

P.S. -- Welcome to MPC :)

mikey
09-18-2004, 06:06 AM
"I have never run the MBSA and never have had a need to."

Hey Mike, I guess you don't run Windows because anyone who does should run this audit. I use several sec audits both local and remote and I find this one to be very good. It will check all policies, check all sec cfgs incl browser, and check all patches to be sure they actually took hold. I'm sure you realize that WU is famous for hotfixes that are reported installed but don't actually get loaded...this audit will verify them.

I manage/admin several SOHOs (nearly 300 machines now) and we found it to be invaluable. The results are easy to understand and have links to more info for each flawed policy/cfg noted. IMO this is probably the best peripheral ware MS has ever offered.

I think you should check it out before telling folks an opinion.

GolfProRM
09-18-2004, 08:15 AM
IMO, MBSA is a bit overkill for the average home user... It's a great program, and especially helpful for sysadmins in companies, but most of the stuff it checks won't be installed on home PCs...

Eve
10-15-2004, 04:29 AM
This appeared in the 'Tourbus' newsletter today. Thought I would pass it on :)
(you can subscribe to Tourbus here http://www.tourbus.com/ )

The Microsoft Baseline Security Analyzer
----------------------------------------

You probably know by now that when Microsoft finds a security hole in
Windows or Internet Explorer they [usually/eventually] release a patch
called a "Critical Update." In fact, Microsoft released a new
Critical Update just this past Tuesday that closes over 20 security
holes.

What you may not know is that Windows Update lies. [GASP!] No,
really. Windows Update frequently thinks you've installed a Critical
Update you haven't, leaving your computer vulnerable.

Fortunately, Microsoft's Baseline Security Analyzer [MBSA] takes care
of that little-known problem. MBSA is a free program from Microsoft
that scans for over 60 common system misconfigurations and almost any
Microsoft security update your computer may be missing. In particular,
MBSA double-checks the security of

- Windows (*)

- Microsoft Office 2000 and later

- Internet Explorer 5.01 and later

- Windows Media Player 6.4 and later

- A bunch of other Microsoft applications and services

MBSA analyzes, you fix. In other words, MBSA tells you what's wrong
and points you to the solution. But YOU have to manually download and
apply the solution. That's important to remember.

Wait. There's more. Did you notice that little asterisk next to
"Windows?" Well, that's because MBSA only works on Windows XP, 2000,
and Server 2003. :(

That's all of the bad news. Now for the good news. While the MBSA
was designed for corporate tech support, there is no reason why you
can't use it at home. Oh, and it's free.

Yes, you read that correctly. Microsoft is actually giving something
away.

To get the latest version of Microsoft's MBSA, just go to

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

Download the MBSASetup-EN.msi file to your desktop and then double-
click to install it.

------------
Running MBSA
------------

Once you've downloaded and installed MBSASetup-EN.msi, double-click on
the MBSA "watering can" [padlock and checkmark] icon. This opens the
MBSA welcome screen.

Click "Scan a computer."

On the next screen, don't change anything. Just make sure you are
connected to the Internet and then click "Start scan."

MBSA calls home to Microsoft and downloads something called
"MSSecure.cab." This file contains information about practically
every patch Microsoft has released. MBSA scans your computer's
operating system, operating system components, and Microsoft
applications. MBSA then compares the version numbers of the stuff on
your computer with the latest version numbers in the MSSecure.cab file.
Finally, MBSA shows you which updates your computer is missing.

-------------------------------
Translating the security report
-------------------------------

Critical failures [red Xs] require you to immediately install a patch
or update to ensure the strongest security of your computer. Non-
critical failures [yellow Xs] happen when there is a newer version of
something available, but you don't really have to upgrade...yet. Best
practices [blue asterisks] could signify a problem--MBSA can't confirm
that those particular security updates have been installed.

What's important and what isn't? Well, MBSA's security report has
seven sections, and in my humble opinion you only have to worry about
two:

1. Security Update Scan Results [at the top of the report]

2. Desktop Application Scan Results [at the very bottom]

The five sections in the middle don't really apply to home users.
Don't get me wrong: Problems here are important. They're just rarely
critical. You can fix the problems in the middle five sections if you
want, but you don't have to.

----------------------------
Fixing the critical failures
----------------------------

Remember, MBSA analyzes, you fix.

To find a fix for a critical failure in Security Update Scan Results
or Desktop Application Scan Results, click on the "Result Details"
link next to that critical failure. This shows you exactly what's
missing or is misconfigured. Click on each link and it opens a page
in Internet Explorer telling you how to download the appropriate patch.
REMEMBER TO INSTALL THE PATCHES AFTER YOU DOWNLOAD THEM! MBSA won't
do it for you.

--------------
Blue Asterisks
--------------

Sometimes MBSA gets confused and can't confirm if your computer has a
particular patch. That's what the blue asterisks signify. Fixing
those blue asterisks is a little more complicated.

1. Click on Results Details.

2. In the description for each Security Update you'll see a six
digit number in parentheses. Write down each six digit set of
numbers you see.

3. Then go to Add/Remove Programs in your Control Panel.

4. Scroll down towards the bottom and look for the Windows
Hotfixes.

5. Compare those six digits you wrote down in MBSA with the last
six digits of the various hotfixes in Add/Remove Programs.

If you find a match, you have the patch. MBSA just got confused. If
you don't find a match, go back to the MBSA Results Details page and
manually download and install the missing patches.

---------
MBSA tips
---------

Run MBSA from time to time just to double-check your computer's
security. I usually run MBSA every three months or so.

Don't be surprised if MBSA still gives you blue asterisks even after
you've installed all the patches. Sometimes MBSA gets confused. And
there's no real way to unconfuse it.

Finally, there's no such thing as a "clean" MBSA scan, especially in
the middle five sections. MBSA is always going to find something to
complain about.

-------
Summary
-------

So, what did we learn today? Well, we learned that MBSA is a free
program from Microsoft that scans for over 60 common system
misconfigurations and almost any Microsoft security update your
computer may be missing. You need to fix the critical failures [red
Xs] and the best practices [blue asterisks] as soon as possible.
Think about fixing the non-critical failures [yellow Xs] when you get
the time.

MBSA's security report has seven sections, and you only have to worry
about two:

- Security Update Scan Results [at the top of the report]

- Desktop Application Scan Results [at the very bottom]
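
Added example (not part of the thread or the newsletter, and not MBSA's own code): a simplified Python model of the check discussed above, in which an update counts as installed only when the file on disk is at the fixed version, whatever the update history reports. The catalogue layout, KB numbers, file names and versions are constructed for illustration and do not reflect the real MSSecure.cab format.

```python
# Simplified patch-audit model. All KB ids, file names and versions here are
# constructed sample data; this is an assumption, not the MSSecure.cab layout.

def parse_version(text, width=4):
    """Turn '5.1.2600.1106' into (5, 1, 2600, 1106) so fields compare as numbers."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def audit(catalogue, reported_installed, file_versions):
    """Classify every update in the catalogue.

    catalogue          -- {kb: (file_name, first_fixed_version)}
    reported_installed -- KB ids the update history lists as installed
    file_versions      -- {file_name: version actually found on disk}
    """
    results = {}
    for kb, (file_name, fixed) in sorted(catalogue.items()):
        found = file_versions.get(file_name)
        if found is None:
            # Nothing to compare against: the "can't confirm" case.
            results[kb] = "unconfirmed"
        elif parse_version(found) >= parse_version(fixed):
            results[kb] = "verified"
        elif kb in reported_installed:
            # History says installed, but the old binary is still on disk.
            results[kb] = "reported-but-not-applied"
        else:
            results[kb] = "missing"
    return results

# Constructed sample data.
CATALOGUE = {
    "KB000001": ("example_a.dll", "5.1.2600.1106"),
    "KB000002": ("example_b.dll", "6.0.2800.1400"),
    "KB000003": ("example_c.dll", "9.0.0.3250"),
    "KB000004": ("example_d.dll", "5.1.2600.1106"),
}
REPORTED = {"KB000001", "KB000002"}
FILES = {
    "example_a.dll": "5.1.2600.1106",
    "example_b.dll": "6.0.2800.999",   # "999" > "1400" as text, but 999 < 1400
    "example_c.dll": "9.0.0.2980",
}

if __name__ == "__main__":
    for kb, status in audit(CATALOGUE, REPORTED, FILES).items():
        print(kb, status)
```

KB000002 is the case the thread describes: the history lists it as installed, yet the file version is older than the fixed one, so only the on-disk comparison catches it.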