Jump to content
CCleaner Community Forums
TwistedMetal

Microsoft Baseline Security Analyzer 2.0

Recommended Posts

Microsoft Baseline Security Analyzer (MBSA) 2.0 is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Used by many leading third party security vendors including Tivoli, Patchlink and Citadel, MBSA on average scans over 3 million computers each week. Join the thousands of users that depend on MBSA for analyzing their security state.

 

Link: Microsoft Baseline Security Analyzer 2.0

Share this post


Link to post
Share on other sites

Computer name: MSHOME\KEVPC

IP address: 192.168.0.2

Security report name: MSHOME - KEVPC (7-4-2005 9-30 PM)

Scan date: 7/4/2005 9:30 PM

Scanned with MBSA version: 2.0.5029.2

Security update catalog: Microsoft Update

Catalog synchronization date:

Security assessment: Potential Risk

 

Security Updates Scan Results

 

Issue: Office Security Updates

Score: Check passed

Result: No security updates are missing.

 

Current Update Compliance

 

| MS05-005 | Installed | Security Update for Office XP (KB873352) | Critical |

| MS05-006 | Installed | Security Update for SharePoint Team Services (KB890829) | Critical |

| MS04-027 | Installed | Security Update for Office XP: WordPerfect 5.x Converter (KB873379) | Important |

| MS05-023 | Installed | Security Update for Word 2002 (KB887978) | Critical |

| 832671 | Installed | Office XP Service Pack 3 | |

 

Issue: Windows Security Updates

Score: Check passed

Result: No security updates are missing.

 

Current Update Compliance

 

| 867460 | Installed | Microsoft .NET Framework 1.1 Service Pack 1 | |

| MS04-043 | Installed | Security Update for Windows XP (KB873339) | Important |

| MS04-041 | Installed | Security Update for Windows XP (KB885836) | Important |

| MS05-001 | Installed | Security Update for Windows XP (KB890175) | Critical |

| MS05-004 | Installed | Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903) | Critical |

| MS05-007 | Installed | Security Update for Windows XP (KB888302) | Important |

| MS05-009 | Installed | Security Update for Windows Messenger (KB887472) | Moderate |

| MS05-013 | Installed | Security Update for Windows XP (KB891781) | Important |

| MS05-015 | Installed | Security Update for Windows XP (KB888113) | Important |

| MS05-012 | Installed | Security Update for Windows XP (KB873333) | Important |

| MS05-016 | Installed | Security Update for Windows XP (KB893086) | Important |

| MS05-018 | Installed | Security Update for Windows XP (KB890859) | Important |

| MS04-044 | Installed | Security Update for Windows XP (KB885835) | Important |

| MS05-011 | Installed | Security Update for Windows XP (KB885250) | Critical |

| MS05-026 | Installed | Security Update for Windows XP (KB896358) | Critical |

| MS05-032 | Installed | Security Update for Windows XP (KB890046) | Moderate |

| MS05-027 | Installed | Security Update for Windows XP (KB896422) | Critical |

| MS05-033 | Installed | Security Update for Windows XP (KB896428) | Moderate |

| MS05-025 | Installed | Cumulative Security Update for Internet Explorer for Windows XP Service Pack 2 (KB883939) | Important |

| MS05-019 | Installed | Security Update for Windows XP (KB893066) | Critical |

| 890830 | Installed | Windows Malicious Software Removal Tool - June 2005 (KB890830) | |

 

 

Operating System Scan Results

 

Administrative Vulnerabilities

 

Issue: Local Account Password Test

Score: Check passed

Result: No user accounts have simple passwords.

 

Detail:

| User | Weak Password | Locked Out | Disabled |

| HelpAssistant | - | - | Disabled |

| SUPPORT_388945a0 | - | - | Disabled |

| ASPNET | - | - | - |

| Administrator | - | - | - |

| Guest | - | - | - |

| TwistedMetal | - | - | - |

Issue: File System

Score: Check passed

Result: All hard drives (1) are using the NTFS file system.

 

Detail:

| Drive Letter | File System |

| C: | NTFS |

Issue: Password Expiration

Score: Check not performed

Result: This check was skipped because the computer is not joined to a domain.

 

Issue: Guest Account

Score: Check passed

Result: The Guest account is not disabled on this computer.

 

Issue: Autologon

Score: Check not performed

Result: This check was skipped because the computer is not joined to a domain.

 

Issue: Restrict Anonymous

Score: Check passed

Result: Computer is properly restricting anonymous access.

 

Issue: Administrators

Score: Check passed

Result: No more than 2 Administrators were found on this computer.

 

Detail:

| User |

| Administrator |

| TwistedMetal |

Issue: Windows Firewall

Score: Best practice

Result: Windows Firewall is disabled and has exceptions configured.

 

Detail:

| Connection Name | Firewall | Exceptions |

| 1394 Connection | Off* | Programs*, Services* |

| All Connections | Off | Programs, Services |

| Linksys Network | Off* | Programs*, Services* |

Issue: Automatic Updates

Score: Check failed (non-critical)

Result: The Automatic Updates feature is disabled on this computer.

 

Issue: Incomplete Updates

Score: Best practice

Result: No incomplete software update installations were found.

 

Additional System Information

 

Issue: Windows Version

Score: Best practice

Result: Computer is running Windows 2000 or greater.

 

Issue: Auditing

Score: Best practice

Result: This check was skipped because the computer is not joined to a domain.

 

Issue: Shares

Score: Best practice

Result: 5 share(s) are present on your computer.

 

Detail:

| Share | Directory | Share ACL | Directory ACL |

| Printer | Adobe PDF,LocalsplOnly | Print Queue Share | Directory ACL can not be read. |

| ADMIN$ | C:\WINDOWS | Admin Share | BUILTIN\Users - RX, BUILTIN\Power Users - RWXD, BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F |

| C$ | C:\ | Admin Share | BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F, BUILTIN\Users - RX, Everyone - RX |

| SharedDocs | C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS | Everyone - F | NT AUTHORITY\SYSTEM - F, BUILTIN\Administrators - F, BUILTIN\Power Users - RWXD, BUILTIN\Users - RX, Everyone - RWXD |

| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R, Administrators - F, Power Users - F | Everyone - RX, BUILTIN\Users - RX, BUILTIN\Power Users - RWXD, BUILTIN\Administrators - F, NT AUTHORITY\SYSTEM - F |

Issue: Services

Score: Best practice

Result: Some potentially unnecessary services are installed.

 

Detail:

| Service | State |

| Telnet | Stopped |

 

Internet Information Services (IIS) Scan Results

IIS is not running on this computer.

 

SQL Server Scan Results

SQL Server and/or MSDE is not installed on this computer.

 

Desktop Application Scan Results

 

Administrative Vulnerabilities

 

Issue: IE Zones

Score: Check passed

Result: Internet Explorer zones have secure settings for all users.

 

Issue: Macro Security

Score: Check passed

Result: 4 Microsoft Office product(s) are installed. No issues were found.

 

Detail:

| Issue | User | Advice |

| Microsoft Excel 2002 | All Users | No security issues were found. |

| Microsoft Outlook 2002 | All Users | No security issues were found. |

| Microsoft PowerPoint 2002 | All Users | No security issues were found. |

| Microsoft Word 2002 | All Users | No security issues were found. |

Share this post


Link to post
Share on other sites

I tried it out and it was interesting. The only thing peculiar is when it gave recommendations of fixing SQL Server settings which aren't even accessable on my system due to the fact I don't have a way to edit the settings as suggested in MBSA. I don't know if SQL Server has to be installed individually or not. The only SQL related item I have is listed in services.msc as SQLAgent$MICROSOFTBCM.

Share this post


Link to post
Share on other sites
I tried it out and it was interesting. The only thing peculiar is when it gave recommendations of fixing SQL Server settings which aren't even accessable on my system due to the fact I don't have a way to edit the settings as suggested in MBSA. I don't know if SQL Server has to be installed individually or not. The only SQL related item I have is listed in services.msc as SQLAgent$MICROSOFTBCM.

 

 

 

 

sounds like you are running an MSDE version.

This is basicaly one that is bundled with some software you are using

Share this post


Link to post
Share on other sites
sounds like you are running an MSDE version.

This is basicaly one that is bundled with some software you are using

Thanks! That clears that up.

 

Edit: Yup you're right, it comes from Microsoft Outlook with Business Contact Manager from the Office 2003 installation. Funny thing is I've never even opened it once.

Share this post


Link to post
Share on other sites
Guest pedro319

Hi

I am using Microsoft Baseline Security Analyzer v1.2.1 .

I went and checked out the new version (MBSA) 2.0.

There are 4different downloads.

MBSASetup-DE.msi

1262 KB

 

MBSASetup-EN.msi

1250 KB

 

MBSASetup-FR.msi

1271 KB

 

MBSASetup-JA.msi

1419 KB

I do not know if or what ones to download.

I am using windowsXP Home Service Pack 2 all the latest Microsoft updates.

Only using 1 computer.

 

This shows how little i know but i have been trying to learn :(

Thanks for any help.

Cheers

Share this post


Link to post
Share on other sites
Guest pedro319

Hi and thanks rridgely

 

Shows how silly i am :blink:

 

I shall go and download it now

 

Cheers pedro

Share this post


Link to post
Share on other sites
Hi and thanks rridgely

 

Shows how silly i am  :blink:

 

I shall go and download it now

 

Cheers pedro

 

 

 

hi thanks guys forgot about baseline just downloaded it and ran but lucky all ok.

Share this post


Link to post
Share on other sites

Hi TwistedMetal,

 

I had a question on the MBSA 2.0...in the results.txt file (which is essentially a log file generated after the MBSA scan) what are the usual risk levels? I scanned a few machines and received the following output in results.txt -

 

1. Potential Risk

2. Severe Risk

 

Are there any more risk types observed? (Like for e.g. Critical Risk?)

 

Any feedback on this from our members is highly appreciated.

 

Thanks!

Share this post


Link to post
Share on other sites

Hi All,

 

I need some help on MBSA 2.0. I installed the tool on my machine, but due to some reason, even if MBSA is installed in C:\Program Files, it is not downloading the catalog files in C:\Documents and Settings\akulkarn\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache. This is happening on one of the test boxes I have, and I googled to find the solution to this problem, but no luck. I always get the error 'The catalog file is corrupt' when I perfrom MBSA scan on this test box. This box is loaded with the latest XP version, and I checked the Internet settings to verify that it is not offline (this could prevent the catalog files to be downloaded by the update agent).

 

I have somehow managed to reach the conclusion that due to soem reason, the catalog files are not downloading properly when I install MBSA 2.0 on this computer. This is happening in spite of repeated uninstalls and installs.

 

Could someone help me out?

 

Thanks!

 

abhijit

 

 

 

Microsoft Baseline Security Analyzer (MBSA) 2.0 is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Used by many leading third party security vendors including Tivoli, Patchlink and Citadel, MBSA on average scans over 3 million computers each week. Join the thousands of users that depend on MBSA for analyzing their security state.

 

Link: Microsoft Baseline Security Analyzer 2.0

 

 

 

Share this post


Link to post
Share on other sites
I have somehow managed to reach the conclusion that due to soem reason, the catalog files are not downloading properly when I install MBSA 2.0 on this computer. This is happening in spite of repeated uninstalls and installs.

 

 

 

Do you have some sort of firewall alert, etc. Perhaps MBSA needs a firewall allow rule created for Internet access. Also using filtering software in the proxy settings of Internet Explorer can foul up some software when they want to download something.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...