Welcome Sign in
Security TechCenter

MBSA 2.0 Datasheet

Security Initiatives

Published: July 1, 2005

Microsoft continues to make progress on our commitment to help make customers more secure. Our goal is to help customers reduce the risk associated with malicious attacks, as well as to reduce the cost and complexity of managing security threats.

The delivery of Microsoft Baseline Security Analyzer version 2.0 is evidence of our commitment to continued investment in customer security.

MBSA 2.0 incorporates improvements based upon feedback we have heard from customers using our earlier tools. It supports more Microsoft products, checks for key security configurations such as Windows Firewall and Automatic Update settings, and is available in localized versions.

This datasheet details the enhanced features and requirements for MBSA 2.0.

*

On This Page

What is MBSA?

MBSA 2.0 is a tool designed to help small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Administrators can use MBSA to detect common security misconfigurations and missing security updates on their computer systems. MBSA is capable of local and remote scans across a wide range of Microsoft server and workstation platforms.

 MBSA scans for missing security updates:

  • Windows 2000 SP4 and later Operating Systems and components
  • Microsoft Office XP and later
  • Microsoft Exchange Server 2000 and later
  • Microsoft SQL Server 2000 SP4 and later

 MBSA scans for common configuration vulnerabilities:

  • Is Windows Firewall enabled?
  • Are Automatic Updates enabled?
  • Are strong passwords enforced?
  • Are unsecured Guest accounts enabled?

 

New improvements in MBSA 2.0

MBSA 2.0 includes the scanning abilities of 1.2.1 and adds these additional features:

  • Severity Ratings
  • Locally and remotely scan for Office XP or later security updates
  • Added guidance for locating updates and necessary actions
  • CVE-IDs for supported updates
  • Improved help content
  • Windows Server Update Services compatibility
  • Automatic Microsoft Update registration and agent update
  • Support for detection of updates on 64bit Windows and Windows XP Embedded

 
Localization:

  • Localized MBSA releases are available in English, German, Japanese, and French but supports scanning a machine of any locale.

 
Additional Product Support:

 
Additional Configuration Checks:

  • Incomplete Updates (checks for known updates that require a system restart to take effect)

 

Features List

  • Command-line and Graphical User Interface (GUI) options
  • Scan local computer, remote computer, or groups of computers
  • Scan for common administrative vulnerabilities
  • Scan for missing security updates against the Microsoft Update catalog or locally configured Update Services server
  • Scan using the online Microsoft Update site or an offline catalog for isolated networks
  • Report updates not yet approved on the Update Services server
  • View reports in MBSA or any standard XML viewer
  • Compatibility with other Microsoft security update management tools including Microsoft Update, Windows Server Update Services and Systems Management Server
  • Support for single processor and multiprocessor configurations
  • Specify alternate user name and password for remote administrative vulnerability scanning (as well as for security update scanning)
  • Localized to French, German, and Japanese
  • Maximum security bulletin severity and direct links to related content in the report
  • Support for Windows XP Embedded and 64-bit Windows

 

Products Supported

Checks for common administrative vulnerabilities for:

  • Windows 2000, XP, 2003
  • Windows Server 2003
  • IIS 5.0, 6.0
  • SQL Server 7.0, 2000
  • IE 5.01+
  • Office 2000, XP, 2003

Windows 64-bit edition and Windows XP Embedded are not scanned for administrative vulnerabilities.


Checks for security updates for:

  • Windows 2000 Service Pack 4 and later
  • Microsoft Office XP and later
  • Exchange Server 2000 and later
  • All Windows components (such as IIS, Internet Explorer, MSXML, MDAC, Microsoft Virtual Machine, etc.)
    • DirectX
    • .NET Framework
    • Windows Messenger
    • FrontPage Server Extensions
    • Windows Media Player
    • Windows Script 5.1, 5.5, 5.6
    • Outlook Express
  • SQL Server 2000 SP4 and later
  • Windows 64-bit (x64) edition (Itanium-based computers remote only)
  • Microsoft Windows XP Embedded (Remote Only)

Additional products as published to the Microsoft Update catalog

 

System Requirements

  • Windows 2000 SP4 and later
  • IE 5.01+
  • XML parser (MSXML version 3.0 w/ latest SP)
  • Windows Update Agent 2.0
  • Windows Installer 3.1
  • IIS Common Files (required on local computer when scanning remote IIS computers)
  • Firewall ports
    • Port 80 (HTTP) outbound from scanning computer to download WSUSSCAN.CAB file
    • TCP 135, 139, and 445 inbound to remotely scanned computers and an optionally configured DCOM port on a personal firewall
  • User must be running as local Administrator

 

Required Services

Scanning local computer

  • Workstation and Server service


Remote scanning computer running MBSA

  • Workstation service
  • Client for MS Networks

 
Computer being remotely scanned

  • Server service
  • Remote registry service
  • File & Print Sharing
  • COM+

 

Page view tracker