Microsoft Baseline Security Analyzer (MBSA) 2.0 is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Used by many leading third party security vendors including Tivoli, Patchlink and Citadel, MBSA on average scans over 3 million computers each week. Join the thousands of users that depend on MBSA for analyzing their security state.
Link: Microsoft Baseline Security Analyzer 2.0
2
Microsoft Baseline Security Analyzer 2.0
Started by TwistedMetal, Jul 05 2005 04:33 AM
13 replies to this topic
#1 OFFLINE
-
- Moderators
-
- 1,537 posts
Forum Moderator
- Gender:Male
- Location:Glendale, AZ
- Interests:CCleaner, Computers, and Movies
Posted 05 July 2005 - 04:33 AM
#2 OFFLINE
-
- Moderators
-
- 8,858 posts
I hate computers
- Gender:Male
Posted 05 July 2005 - 04:53 AM
TwistedMetal did you actually download this? If you did what did it tell you about your security status?
#3 OFFLINE
-
- Moderators
-
- 1,537 posts
Forum Moderator
- Gender:Male
- Location:Glendale, AZ
- Interests:CCleaner, Computers, and Movies
Posted 05 July 2005 - 05:38 AM
Computer name: MSHOME\KEVPC
IP address: 192.168.0.2
Security report name: MSHOME - KEVPC (7-4-2005 9-30 PM)
Scan date: 7/4/2005 9:30 PM
Scanned with MBSA version: 2.0.5029.2
Security update catalog: Microsoft Update
Catalog synchronization date:
Security assessment: Potential Risk
Security Updates Scan Results
Issue: Office Security Updates
Score: Check passed
Result: No security updates are missing.
Current Update Compliance
| MS05-005 | Installed | Security Update for Office XP (KB873352) | Critical |
| MS05-006 | Installed | Security Update for SharePoint Team Services (KB890829) | Critical |
| MS04-027 | Installed | Security Update for Office XP: WordPerfect 5.x Converter (KB873379) | Important |
| MS05-023 | Installed | Security Update for Word 2002 (KB887978) | Critical |
| 832671 | Installed | Office XP Service Pack 3 | |
Issue: Windows Security Updates
Score: Check passed
Result: No security updates are missing.
Current Update Compliance
| 867460 | Installed | Microsoft .NET Framework 1.1 Service Pack 1 | |
| MS04-043 | Installed | Security Update for Windows XP (KB873339) | Important |
| MS04-041 | Installed | Security Update for Windows XP (KB885836) | Important |
| MS05-001 | Installed | Security Update for Windows XP (KB890175) | Critical |
| MS05-004 | Installed | Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903) | Critical |
| MS05-007 | Installed | Security Update for Windows XP (KB888302) | Important |
| MS05-009 | Installed | Security Update for Windows Messenger (KB887472) | Moderate |
| MS05-013 | Installed | Security Update for Windows XP (KB891781) | Important |
| MS05-015 | Installed | Security Update for Windows XP (KB888113) | Important |
| MS05-012 | Installed | Security Update for Windows XP (KB873333) | Important |
| MS05-016 | Installed | Security Update for Windows XP (KB893086) | Important |
| MS05-018 | Installed | Security Update for Windows XP (KB890859) | Important |
| MS04-044 | Installed | Security Update for Windows XP (KB885835) | Important |
| MS05-011 | Installed | Security Update for Windows XP (KB885250) | Critical |
| MS05-026 | Installed | Security Update for Windows XP (KB896358) | Critical |
| MS05-032 | Installed | Security Update for Windows XP (KB890046) | Moderate |
| MS05-027 | Installed | Security Update for Windows XP (KB896422) | Critical |
| MS05-033 | Installed | Security Update for Windows XP (KB896428) | Moderate |
| MS05-025 | Installed | Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB883939) | Important |
| MS05-019 | Installed | Security Update for Windows XP (KB893066) | Critical |
| 890830 | Installed | Windows Malicious Software Removal Tool - June 2005 (KB890830) | |
Operating System Scan Results
Administrative Vulnerabilities
Issue: Local Account Password Test
Score: Check passed
Result: No user accounts have simple passwords.
Detail:
| User | Weak Password | Locked Out | Disabled |
| HelpAssistant | - | - | Disabled |
| SUPPORT_388945a0 | - | - | Disabled |
| ASPNET | - | - | - |
| Administrator | - | - | - |
| Guest | - | - | - |
| TwistedMetal | - | - | - |
Issue: File System
Score: Check passed
Result: All hard drives (1) are using the NTFS file system.
Detail:
| Drive Letter | File System |
| C: | NTFS |
Issue: Password Expiration
Score: Check not performed
Result: This check was skipped because the computer is not joined to a domain.
Issue: Guest Account
Score: Check passed
Result: The Guest account is not disabled on this computer.
Issue: Autologon
Score: Check not performed
Result: This check was skipped because the computer is not joined to a domain.
Issue: Restrict Anonymous
Score: Check passed
Result: Computer is properly restricting anonymous access.
Issue: Administrators
Score: Check passed
Result: No more than 2 Administrators were found on this computer.
Detail:
| User |
| Administrator |
| TwistedMetal |
Issue: Windows Firewall
Score: Best practice
Result: Windows Firewall is disabled and has exceptions configured.
Detail:
| Connection Name | Firewall | Exceptions |
| 1394 Connection | Off* | Programs*, Services* |
| All Connections | Off | Programs, Services |
| Linksys Network | Off* | Programs*, Services* |
Issue: Automatic Updates
Score: Check failed (non-critical)
Result: The Automatic Updates feature is disabled on this computer.
Issue: Incomplete Updates
Score: Best practice
Result: No incomplete software update installations were found.
Additional System Information
Issue: Windows Version
Score: Best practice
Result: Computer is running Windows 2000 or greater.
Issue: Auditing
Score: Best practice
Result: This check was skipped because the computer is not joined to a domain.
Issue: Shares
Score: Best practice
Result: 5 share(s) are present on your computer.
Detail:
| Share | Directory | Share ACL | Directory ACL |
| Printer | Adobe PDF,LocalsplOnly | Print Queue Share | Directory ACL can not be read. |
| ADMIN$ | C:\WINDOWS | Admin Share | BUILTIN\Users - RX, BUILTIN\Power Users - RWXD, BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F |
| C$ | C:\ | Admin Share | BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F, BUILTIN\Users - RX, Everyone - RX |
| SharedDocs | C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS | Everyone - F | NT AUTHORITY\SYSTEM - F, BUILTIN\Administrators - F, BUILTIN\Power Users - RWXD, BUILTIN\Users - RX, Everyone - RWXD |
| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R, Administrators - F, Power Users - F | Everyone - RX, BUILTIN\Users - RX, BUILTIN\Power Users - RWXD, BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F |
Issue: Services
Score: Best practice
Result: Some potentially unnecessary services are installed.
Detail:
| Service | State |
| Telnet | Stopped |
Internet Information Services (IIS) Scan Results
IIS is not running on this computer.
SQL Server Scan Results
SQL Server and/or MSDE is not installed on this computer.
Desktop Application Scan Results
Administrative Vulnerabilities
Issue: IE Zones
Score: Check passed
Result: Internet Explorer zones have secure settings for all users.
Issue: Macro Security
Score: Check passed
Result: 4 Microsoft Office product(s) are installed. No issues were found.
Detail:
| Issue | User | Advice |
| Microsoft Excel 2002 | All Users | No security issues were found. |
| Microsoft Outlook 2002 | All Users | No security issues were found. |
| Microsoft PowerPoint 2002 | All Users | No security issues were found. |
| Microsoft Word 2002 | All Users | No security issues were found. |
IP address: 192.168.0.2
Security report name: MSHOME - KEVPC (7-4-2005 9-30 PM)
Scan date: 7/4/2005 9:30 PM
Scanned with MBSA version: 2.0.5029.2
Security update catalog: Microsoft Update
Catalog synchronization date:
Security assessment: Potential Risk
Security Updates Scan Results
Issue: Office Security Updates
Score: Check passed
Result: No security updates are missing.
Current Update Compliance
| MS05-005 | Installed | Security Update for Office XP (KB873352) | Critical |
| MS05-006 | Installed | Security Update for SharePoint Team Services (KB890829) | Critical |
| MS04-027 | Installed | Security Update for Office XP: WordPerfect 5.x Converter (KB873379) | Important |
| MS05-023 | Installed | Security Update for Word 2002 (KB887978) | Critical |
| 832671 | Installed | Office XP Service Pack 3 | |
Issue: Windows Security Updates
Score: Check passed
Result: No security updates are missing.
Current Update Compliance
| 867460 | Installed | Microsoft .NET Framework 1.1 Service Pack 1 | |
| MS04-043 | Installed | Security Update for Windows XP (KB873339) | Important |
| MS04-041 | Installed | Security Update for Windows XP (KB885836) | Important |
| MS05-001 | Installed | Security Update for Windows XP (KB890175) | Critical |
| MS05-004 | Installed | Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903) | Critical |
| MS05-007 | Installed | Security Update for Windows XP (KB888302) | Important |
| MS05-009 | Installed | Security Update for Windows Messenger (KB887472) | Moderate |
| MS05-013 | Installed | Security Update for Windows XP (KB891781) | Important |
| MS05-015 | Installed | Security Update for Windows XP (KB888113) | Important |
| MS05-012 | Installed | Security Update for Windows XP (KB873333) | Important |
| MS05-016 | Installed | Security Update for Windows XP (KB893086) | Important |
| MS05-018 | Installed | Security Update for Windows XP (KB890859) | Important |
| MS04-044 | Installed | Security Update for Windows XP (KB885835) | Important |
| MS05-011 | Installed | Security Update for Windows XP (KB885250) | Critical |
| MS05-026 | Installed | Security Update for Windows XP (KB896358) | Critical |
| MS05-032 | Installed | Security Update for Windows XP (KB890046) | Moderate |
| MS05-027 | Installed | Security Update for Windows XP (KB896422) | Critical |
| MS05-033 | Installed | Security Update for Windows XP (KB896428) | Moderate |
| MS05-025 | Installed | Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB883939) | Important |
| MS05-019 | Installed | Security Update for Windows XP (KB893066) | Critical |
| 890830 | Installed | Windows Malicious Software Removal Tool - June 2005 (KB890830) | |
Operating System Scan Results
Administrative Vulnerabilities
Issue: Local Account Password Test
Score: Check passed
Result: No user accounts have simple passwords.
Detail:
| User | Weak Password | Locked Out | Disabled |
| HelpAssistant | - | - | Disabled |
| SUPPORT_388945a0 | - | - | Disabled |
| ASPNET | - | - | - |
| Administrator | - | - | - |
| Guest | - | - | - |
| TwistedMetal | - | - | - |
Issue: File System
Score: Check passed
Result: All hard drives (1) are using the NTFS file system.
Detail:
| Drive Letter | File System |
| C: | NTFS |
Issue: Password Expiration
Score: Check not performed
Result: This check was skipped because the computer is not joined to a domain.
Issue: Guest Account
Score: Check passed
Result: The Guest account is not disabled on this computer.
Issue: Autologon
Score: Check not performed
Result: This check was skipped because the computer is not joined to a domain.
Issue: Restrict Anonymous
Score: Check passed
Result: Computer is properly restricting anonymous access.
Issue: Administrators
Score: Check passed
Result: No more than 2 Administrators were found on this computer.
Detail:
| User |
| Administrator |
| TwistedMetal |
Issue: Windows Firewall
Score: Best practice
Result: Windows Firewall is disabled and has exceptions configured.
Detail:
| Connection Name | Firewall | Exceptions |
| 1394 Connection | Off* | Programs*, Services* |
| All Connections | Off | Programs, Services |
| Linksys Network | Off* | Programs*, Services* |
Issue: Automatic Updates
Score: Check failed (non-critical)
Result: The Automatic Updates feature is disabled on this computer.
Issue: Incomplete Updates
Score: Best practice
Result: No incomplete software update installations were found.
Additional System Information
Issue: Windows Version
Score: Best practice
Result: Computer is running Windows 2000 or greater.
Issue: Auditing
Score: Best practice
Result: This check was skipped because the computer is not joined to a domain.
Issue: Shares
Score: Best practice
Result: 5 share(s) are present on your computer.
Detail:
| Share | Directory | Share ACL | Directory ACL |
| Printer | Adobe PDF,LocalsplOnly | Print Queue Share | Directory ACL can not be read. |
| ADMIN$ | C:\WINDOWS | Admin Share | BUILTIN\Users - RX, BUILTIN\Power Users - RWXD, BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F |
| C$ | C:\ | Admin Share | BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F, BUILTIN\Users - RX, Everyone - RX |
| SharedDocs | C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS | Everyone - F | NT AUTHORITY\SYSTEM - F, BUILTIN\Administrators - F, BUILTIN\Power Users - RWXD, BUILTIN\Users - RX, Everyone - RWXD |
| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R, Administrators - F, Power Users - F | Everyone - RX, BUILTIN\Users - RX, BUILTIN\Power Users - RWXD, BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F |
Issue: Services
Score: Best practice
Result: Some potentially unnecessary services are installed.
Detail:
| Service | State |
| Telnet | Stopped |
Internet Information Services (IIS) Scan Results
IIS is not running on this computer.
SQL Server Scan Results
SQL Server and/or MSDE is not installed on this computer.
Desktop Application Scan Results
Administrative Vulnerabilities
Issue: IE Zones
Score: Check passed
Result: Internet Explorer zones have secure settings for all users.
Issue: Macro Security
Score: Check passed
Result: 4 Microsoft Office product(s) are installed. No issues were found.
Detail:
| Issue | User | Advice |
| Microsoft Excel 2002 | All Users | No security issues were found. |
| Microsoft Outlook 2002 | All Users | No security issues were found. |
| Microsoft PowerPoint 2002 | All Users | No security issues were found. |
| Microsoft Word 2002 | All Users | No security issues were found. |
#4 OFFLINE
-
- Moderators
-
- 13,327 posts
Captain Spectacular
- Gender:Male
- Location:Shadow Moses
Posted 05 July 2005 - 10:28 AM
I tried it out and it was interesting. The only thing peculiar is when it gave recommendations of fixing SQL Server settings which aren't even accessable on my system due to the fact I don't have a way to edit the settings as suggested in MBSA. I don't know if SQL Server has to be installed individually or not. The only SQL related item I have is listed in services.msc as SQLAgent$MICROSOFTBCM.
#5 OFFLINE
-
- Members
-
- 230 posts
Advanced Member
- Gender:Male
- Location:UK
Posted 05 July 2005 - 04:03 PM
I've been using Microsoft Baseline Security Analyzer v1.2.1 for a few months now, good stuff.
#6 OFFLINE
-
- Members
-
- 8 posts
Newbie
Posted 05 July 2005 - 05:52 PM
Andavari, on Jul 5 2005, 02:28 AM, said:
I tried it out and it was interesting. The only thing peculiar is when it gave recommendations of fixing SQL Server settings which aren't even accessable on my system due to the fact I don't have a way to edit the settings as suggested in MBSA. I don't know if SQL Server has to be installed individually or not. The only SQL related item I have is listed in services.msc as SQLAgent$MICROSOFTBCM.
sounds like you are running an MSDE version.
This is basicaly one that is bundled with some software you are using
#7 OFFLINE
-
- Moderators
-
- 13,327 posts
Captain Spectacular
- Gender:Male
- Location:Shadow Moses
Posted 05 July 2005 - 11:26 PM
ybouan, on Jul 5 2005, 12:52 PM, said:
sounds like you are running an MSDE version.
This is basicaly one that is bundled with some software you are using
This is basicaly one that is bundled with some software you are using
Edit: Yup you're right, it comes from Microsoft Outlook with Business Contact Manager from the Office 2003 installation. Funny thing is I've never even opened it once.
#8 Guest_pedro319_*
-
- Guests
Posted 06 July 2005 - 02:39 AM
Hi
I am using Microsoft Baseline Security Analyzer v1.2.1 .
I went and checked out the new version (MBSA) 2.0.
There are 4different downloads.
MBSASetup-DE.msi
1262 KB
MBSASetup-EN.msi
1250 KB
MBSASetup-FR.msi
1271 KB
MBSASetup-JA.msi
1419 KB
I do not know if or what ones to download.
I am using windowsXP Home Service Pack 2 all the latest Microsoft updates.
Only using 1 computer.
This shows how little i know but i have been trying to learn
Thanks for any help.
Cheers
I am using Microsoft Baseline Security Analyzer v1.2.1 .
I went and checked out the new version (MBSA) 2.0.
There are 4different downloads.
MBSASetup-DE.msi
1262 KB
MBSASetup-EN.msi
1250 KB
MBSASetup-FR.msi
1271 KB
MBSASetup-JA.msi
1419 KB
I do not know if or what ones to download.
I am using windowsXP Home Service Pack 2 all the latest Microsoft updates.
Only using 1 computer.
This shows how little i know but i have been trying to learn
Thanks for any help.
Cheers
#9 OFFLINE
-
- Moderators
-
- 8,858 posts
I hate computers
- Gender:Male
Posted 06 July 2005 - 02:56 AM
pedro the differeances are the languages
En=english
Fr=French
Ja=Japanese
Download from here and it will be easier
http://www.microsoft.com/technet/security/...a2/default.mspx
En=english
Fr=French
Ja=Japanese
Download from here and it will be easier
http://www.microsoft.com/technet/security/...a2/default.mspx
#10 Guest_pedro319_*
-
- Guests
Posted 06 July 2005 - 03:09 AM
Hi and thanks rridgely
Shows how silly i am
I shall go and download it now
Cheers pedro
Shows how silly i am
I shall go and download it now
Cheers pedro
#11 OFFLINE
-
- Members
-
- 25 posts
Member
- Gender:Male
- Location:Eastbourne Uk
- Interests:computers, Helping others and Formula F1 Motor Racing
Posted 26 July 2005 - 11:01 PM
pedro319, on Jul 6 2005, 03:09 AM, said:
Hi and thanks rridgely
Shows how silly i am
I shall go and download it now
Cheers pedro
Shows how silly i am
I shall go and download it now
Cheers pedro
Signature made with paintnet
#12 OFFLINE
-
- Members
-
- 3 posts
Newbie
Posted 28 July 2005 - 02:01 PM
Hi TwistedMetal,
I had a question on the MBSA 2.0...in the results.txt file (which is essentially a log file generated after the MBSA scan) what are the usual risk levels? I scanned a few machines and received the following output in results.txt -
1. Potential Risk
2. Severe Risk
Are there any more risk types observed? (Like for e.g. Critical Risk?)
Any feedback on this from our members is highly appreciated.
Thanks!
I had a question on the MBSA 2.0...in the results.txt file (which is essentially a log file generated after the MBSA scan) what are the usual risk levels? I scanned a few machines and received the following output in results.txt -
1. Potential Risk
2. Severe Risk
Are there any more risk types observed? (Like for e.g. Critical Risk?)
Any feedback on this from our members is highly appreciated.
Thanks!
#13 OFFLINE
-
- Members
-
- 3 posts
Newbie
Posted 04 August 2005 - 03:06 PM
Hi All,
I need some help on MBSA 2.0. I installed the tool on my machine, but due to some reason, even if MBSA is installed in C:\Program Files, it is not downloading the catalog files in C:\Documents and Settings\akulkarn\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache. This is happening on one of the test boxes I have, and I googled to find the solution to this problem, but no luck. I always get the error 'The catalog file is corrupt' when I perfrom MBSA scan on this test box. This box is loaded with the latest XP version, and I checked the Internet settings to verify that it is not offline (this could prevent the catalog files to be downloaded by the update agent).
I have somehow managed to reach the conclusion that due to soem reason, the catalog files are not downloading properly when I install MBSA 2.0 on this computer. This is happening in spite of repeated uninstalls and installs.
Could someone help me out?
Thanks!
abhijit
I need some help on MBSA 2.0. I installed the tool on my machine, but due to some reason, even if MBSA is installed in C:\Program Files, it is not downloading the catalog files in C:\Documents and Settings\akulkarn\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache. This is happening on one of the test boxes I have, and I googled to find the solution to this problem, but no luck. I always get the error 'The catalog file is corrupt' when I perfrom MBSA scan on this test box. This box is loaded with the latest XP version, and I checked the Internet settings to verify that it is not offline (this could prevent the catalog files to be downloaded by the update agent).
I have somehow managed to reach the conclusion that due to soem reason, the catalog files are not downloading properly when I install MBSA 2.0 on this computer. This is happening in spite of repeated uninstalls and installs.
Could someone help me out?
Thanks!
abhijit
TwistedMetal, on Jul 4 2005, 10:33 PM, said:
Microsoft Baseline Security Analyzer (MBSA) 2.0 is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Used by many leading third party security vendors including Tivoli, Patchlink and Citadel, MBSA on average scans over 3 million computers each week. Join the thousands of users that depend on MBSA for analyzing their security state.
Link: Microsoft Baseline Security Analyzer 2.0
Link: Microsoft Baseline Security Analyzer 2.0
#14 OFFLINE
-
- Moderators
-
- 13,327 posts
Captain Spectacular
- Gender:Male
- Location:Shadow Moses
Posted 04 August 2005 - 08:52 PM
abhijitk, on Aug 4 2005, 10:06 AM, said:
I have somehow managed to reach the conclusion that due to soem reason, the catalog files are not downloading properly when I install MBSA 2.0 on this computer. This is happening in spite of repeated uninstalls and installs.
