MBSA Download – Microsoft Baseline Security Analyzer

Keep on Guard!


Microsoft Baseline Security Analyzer or MBSA is a free Windows Tool that provides a streamlined method to identify missing security updates and common security misconfigurations.

MBSA Download - Microsoft Baseline Security Analyzer


Recently we mentioned MSAT – Microsoft Security Assessment Tool and I recalled another tool which came out originally years and years ago and I’ve personally found useful in a few situations.

It’s good when you’re working on a Domain/Group Policy and you want to lock down one machine nice and tight, it can give some pretty good pointers as to how you can secure it further.

What is MBSA – Microsoft Baseline Security Analyzer?

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS), System Center Configuration Manager (SCCM) 2007, and Small Business Server (SBS).

In order to provide support for Windows Vista, Windows Server 2008, 64-bit scan tool and vulnerability assessment check support, new Windows Embedded support, and compatibility with the latest versions of the Windows Update Agent (WUA) Microsoft Baseline Security Analyzer (MBSA) 2.1 is now available.


New Features found in MBSA 2.3

  • Ability to choose offline mode from graphical and command-line interfaces (/offline option)
  • Support for additional security catalogs (for future use)
  • Command-line option to obtain catalogs from user-selected directory or network share using /cabpath option
  • Compatibility with WSUS 3.0 technologies and the latest Windows Update Agent features
  • All vulnerability assessment (VA) checks have been extended to work on x64 (64-bit) platforms
  • Updated graphical user interface
  • Command-line option to redirect reports to a user-selected directory or network share using /rd option
  • Consistency with Windows Update, Microsoft Update, Windows Server Update Services (WSUS) server, Systems Management Server (SMS) 2003 and System Center Configuration Manager (SCCM)
  • Access to the live Microsoft Update site for published content for live (online) security update assessment as well as an offline catalog for customers with limited or secure internet access.
  • Automatic determination of the client’s assigned WSUS server, eliminating the need to specify the client’s WSUS server before scanning to ensure the correct assigned WSUS server will be used
  • Ability to provide a “not yet approved” score for unapproved WSUS updates
  • Ability to run multiple copies of MBSA for increased scanning performance
  • Current Update Compliance appears in the report; installed and needed updates are reported together in a single scan report
  • Updates that require a restart of the computer will be annotated as the reason for non-compliance both in the GUI and command-line interface
  • Accepts an input file of computers and IP addresses to be scanned
  • Reports can now be easily shared and viewed
  • Structured XML output offers simplified integration for update scanning
  • Ability to pass a specific username and password on the command line for both update scanning and security misconfiguration scanning
  • Option to automatically configure clients with prerequisites to ensure the latest required version of Windows Update Agent needed for scanning
  • Specific Web links for locating updates and taking necessary actions
  • Bulletin severity ratings available in report details
Download MBSA

You can download MBSA 2.3 here:

Microsoft Baseline Security Analyzer 2.3

Or read more here.

Posted in: Security Software

,


Latest Posts:


BootStomp - Find Bootloader Vulnerabilities BootStomp – Find Android Bootloader Vulnerabilities
BootStomp is a Python-based tool, with Docker support that helps you find two different classes of bootloader vulnerabilities and bugs.
Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018 Google Chrome Marking ALL Non-HTTPS Sites Insecure July 2018
Google is ramping up its campaign against HTTP only sites and is going to mark ALL Non-HTTPS sites insecure in July 2018 with the release of Chrome 68.
altdns - Subdomain Recon Tool With Permutation Generation altdns – Subdomain Recon Tool With Permutation Generation
Altdns is a subdomain recon tool in Python that allows for the discovery of subdomains that conform to patterns. The tool takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.
0-Day Flash Vulnerability Exploited In The Wild 0-Day Flash Vulnerability Exploited In The Wild
So another 0-Day Flash Vulnerability is being exploited in the Wild, a previously unknown flaw which has been labelled CVE-2018-4878 and it affects 28.0.0.137 and earlier versions
dorkbot - Command-Line Tool For Google Dorking dorkbot – Command-Line Tool For Google Dorking
dorkbot is a modular command-line tool for Google dorking, which is performing vulnerability scans against a set of web pages returned by Google search queries in a given Google Custom Search Engine.
USBPcap - USB Packet Capture For Windows USBPcap – USB Packet Capture For Windows
USBPcap is an open-source USB Packet Capture tool for Windows that can be used together with Wireshark in order to analyse USB traffic without using a Virtual Machine.


Comments are closed.