Microsoft Baseline Security Analyzer
| Microsoft Baseline Security Analyzer
|
|
|---|---|
|
|
| Basic data
|
|
| developer | Microsoft |
| Current version | 2.3.2211.0 (January 9, 2015) |
| operating system | Windows |
| category | Computer security analyzer |
| License | Microsoft EULA ( Closed Source ) |
| German speaking | Yes |
|
MBSA at Microsoft MSDN (English) download page at Microsoft |
|
MBSA (Microsoft Baseline Security Analyzer) is a free tool that examines Windows for security vulnerabilities . It is supposed to find typical security-relevant misconfigurations in Microsoft products and Windows. It also checks that all the latest security updates are in place. The program can be downloaded from Microsoft without a validity check.
Version 2.0
MBSA 2.0 runs on the operating systems Windows 2000 , Windows XP and Windows Server 2003. It analyzes the web server IIS in version 5.0 and 6.0, the SQL server in version 7.0 and 2000, Internet Explorer from version 5.01 and Microsoft Office 2000, 2002 and 2003. Version 2.1 also supports Windows Vista , Windows Server 2008 and all x64 versions. A command line interpreter is also integrated. We scan security updates for Microsoft Office XP and provide ratings for the severity of the security issues that are identified. Other areas that can be verified by MBSA include:
- The hardware is checked to ensure that the drivers and BIOS versions are up to date.
- The operating system is checked for current updates and patches.
- The settings of the user accounts are checked for password security.
- Server applications such as Exchange, SQL, IIS and other MS applications are checked
- Client software such as Office XP (possibly 3rd party software) are also checked.
The MBSA executing user needs local administrator rights on the computer to be scanned, and the administrative shares must be activated.
Version 2.1
MBSA 2.1 also supports Windows Vista and Windows Server 2008 and the 64-bit versions of the operating systems. With this version, support for Windows XP and SQL Server 2005 has been increased. There are also two new command line options for outputting reports to a specified folder and for using the graphic interface instead of the command prompt during the test. MBSA is now compatible with WSUS 2.0 and 3.0. This MBSA version can also only be used by administrators with activated administrative shares.
Version 2.2
MBSA 2.2 also supports Windows 7 32-bit and 64-bit versions. Microsoft improvements have also been incorporated.
Version 2.3
MBSA 2.3 continues to support the aforementioned older Microsoft operating systems from Windows XP and also Windows 8 and 8.1, Windows Server 2008 R2 , Windows Server 2012 and Server 2012 R2; it can no longer run under Windows 10 . Improvements from Microsoft have also been incorporated.
Web links
- Using Microsoft Baseline Security (accessed September 17, 2015)
- Microsoft Baseline Security Analyzer (accessed September 17, 2015)
- Microsoft Baseline Security Analyzer Tutorial (accessed September 17, 2015)