On 9 August 2005 Microsoft is planning to release 6 Security Bulletins affecting Windows. The highest Maximum Severity rating for these is Critical. These updates will require a restart, and will be detectable using the Microsoft Baseline Security Analyzer (MBSA).The Microsoft Baseline Security (MBSA) is an easy-to-use tool that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific guidance for remediation. You can improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.

http://www.microsoft.com/technet/Security/tools/mbsahome.mspx Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.

Hi SpywareDR,
This may be a silly question, but is the MBSA a tool that, say, a single pc-home user can (should) use?...or just businesses?
poppy

You'll likely be surprised at what it can find even on a single PC.

The Microsoft Baseline Security Analyzer (MBSA) is a security assessment tool that allows users to scan one or more Windows 2000, Windows XP, and Windows Server 2003 computers for common security misconfigurations. It can scan a single system or multiple systems across a network.

MBSA scans the operating system, IIS, SQL, and desktop applications, and can check for missing recommended security updates for Windows, Internet Explorer, Windows Media Player, IIS, SQL Server, Exchange, Microsoft Office, Microsoft Data Access Components, Microsoft Virtual Machine, MSXML, BizTalk Server, Commerce Server, Content Management Server, and Host Integration Server.

There's a good page about it over on The Elder Geek:
http://www.theeldergeek.com/baseline_security_analyzer.htm

And more Microsoft.com links here:
http://www.google.com/search?q=%22Microsoft+Baseline+Security+Analyzer%22&hl=en&lr=&ie=UTF-8&safe=off&start=10&sa=N

Thanks for the info SpywareDr...
I'll be following your links.
So far I think I will use.
poppy

You're welcome. :)

I frequently use it too, on all types of various setups. On some it doesn't help much. But on others, I'd hate to have to try and chase down all the problem areas that it found manually.

I see it also hates Fat32 partitions. Dual boot because of certain programs that have to be installed in 98.

And a question, do you have to have the other computers in your admin account to be able to scan them over the network. I have a account in each machine as a admin. Same password too.

Here it is, straight from the horses mouth:

http://support.microsoft.com/default.aspx?kbid=320454 The following list describes the system requirements for the computer you want to scan remotely by using the tool: Windows NT 4.0 Service Pack 4 (SP4) and later, Windows 2000, Windows XP (local scans only on Windows XP-based computers that use simple file sharing), or Windows Server 2003.


IIS 4.0, 5.0, 5.1 or 6.0 (to perform IIS vulnerability checks).


Internet Explorer 5.01 or later (to perform Internet Explorer security zones checks).


SQL 7.0, 2000 (to perform SQL vulnerability checks).


Office 2000, Office XP, or Office 2003 (to perform Office vulnerability checks).


The following services must be installed: Server service, Remote Registry service, File and Print Sharing.

Users who perform the scan must have local administrative credentials on each computer that they want to scan, regardless whether they perform a local scan or a remote scan. For remote scans, the administrative shares must be enabled on the scanned computer for MBSA to successfully connect and perform the scan.

You must have Internet access to download the Mssecure.cab file from the Microsoft Download Center. Mssecure.cab is used for the security updates scan. If a previous copy of the Mssecure.cab file was downloaded during a prior scan, MBSA will try to use the locally cached copy if an Internet connection is not detected.

Well finally went into Folder Options/view and took the check of Use Simple File Sharing and all is well now.

Thanks.

I like that program real well! :D

Doesn’t this seem M$ is doing an audit on your computer, just to attain information about you and your computer, do we actually trust M$? This is too easy, so much information being displayed. I don’t know? Is it just me, when M$ does things for us, I get paranoid. :mad:

Damned if they don't give you enough info, but then damned when they do eh? :)

Ever wonder why a lot of us NEVER put personal info on a computer that can hit the internet. ;)

I just downloaded MBSA and ran it. One of the things that it found was that there was an update for Office 2003. Everytime that I use Windows Update, it says that I need to download updates for


Office XP Alternative User Input Update
Office XP Service Pack 3
Update for Office 2003 French Grammer Checker
Update for Office 2003 French Spelling Checker and Thesaurus
Update for Visio 2003 French Spelling Checker and Thesaurus
Update for Office 2003


The only legitimate update is the last one for Office 2003.

Why am I getting these updates?

How do I get rid them?

I am very diligent about keeping all of my software up to date but it is very frustrating to be getting updates, which are not needed or required.

UPDATE:

I discovered that I had installed FrontPage 2002 and once I uninstalled that program, then the XP updates went away. However, I still have the three French updates.

Cheers,

Linda

;) :rolleyes: :cool:

Look under Incomplete updates and see what is in each of the 3 links.

Believe it or not Office 2000 without any updates is the most secure. Just have to do the Macro security thing. Maybe the same will happen for Office 2003.

BTW, where do I find incomplete updates?

Each update pertains to documents in the French language.

There are no French documents on my computer. Here are the updates that appear on Windows Update.

Update for Office 2003 French Grammer Checker
Update for Office 2003 French Spelling Checker and Thesaurus
Update for Visio 2003 French Spelling Checker and Thesaurus

[/list]

Linda

;) :rolleyes: :cool:

Open this in a new window. (http://home.comcast.net/~copn/web/base.jpg)
I select to View a security reoprt in the left pane, then selcted he report I wanted to view in the R-pane.
scrolled down a bit as you can see, to it.
Hope that helps.