Microsoft Baseline Security Analyzer V1.2.1
Updated : March 15, 2007
As part of Microsoft’s continued commitment to security and to help with enterprise security compliance, customers are strongly encouraged to upgrade to MBSA 2.0.1 or the MBSA 2.1 beta. Based on Microsoft Update and Windows Server Update Services (WSUS) technologies, MBSA 2.x provides customers with authoritative security results consistent with Microsoft Update and WSUS, provides support for 64-bit and XP Embedded operating systems and includes dynamic support for new Microsoft products as they are released. Customers who meet the WSUS baseline of the latest supported products (found here) should already be using MBSA 2.0.1 in their environments. For customers using products not supported by MBSA 2.0.1, Microsoft Update and WSUS, Microsoft is working with partners to provide a new limited support tool to be released in the future. Like MBSA scan tools, this new legacy scan tool will be provided to Microsoft customers at no charge. Until this limited tool is released, Microsoft encourages customers to use MBSA 2.x and augment those results with MBSA 1.2.1 and the Enterprise Scan Tool for comprehensive security update detection until this new legacy scan tool is released. Microsoft will continue to support MBSA 1.2.1 for legacy security update detection for six months after the new MBSA 2.0 limited scan tool is released (expected in Q2 of 2007). After October 9, 2007, the MSSecure.XML file used by MBSA 1.2.1 will no longer be updated. After this date, no new security updates will be added to the MSSecure.XML file used by MBSA 1.2.1 and no new versions of the Enterprise Scan Tool will be released. Customers should use MBSA 2.0.1 or MBSA 2.1 together with the upcoming limited scan tool for comprehensive security update and vulnerability assessment needs. |
MBSA 1.2.1 is the free, legacy vulnerability assessment tool for the Microsoft platform. Designed for the IT professional, the tool helps with the assessment phase of an overall security management strategy for legacy platforms and products. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA 1.2.1 will be retired in favor of the newer MBSA 2.x products on October 9, 2007. See the MBSA home page for details.
MBSA 1.2.1 runs on:
- Windows 2000, Windows XP, and Windows Server 2003 systems
MBSA 1.2.1 will scan for common system misconfigurations in the following products:
Windows 2000, Windows XP, Windows Server 2003
Internet Information Server (IIS), SQL Server, Internet Explorer, Office
MBSA 1.2.1 will also scan for missing security updates for the following products:
Windows 2000, Windows XP, Windows Server 2003
Microsoft Data Access Components (MDAC), MSXML, Microsoft Virtual Machine
IIS (4.0 - 6.0), SQL Server (7.0 - 2000), Internet Explorer (5.01, 6.0), Office (2000 - 2003), Exchange Server (5.5 - 2003), Windows Media Player 9, Commerce Server, Content Management Server, BizTalk Server, Host Integration Server
On This Page
Download Now
Detailed Information
Frequently Asked Questions (FAQ)
Additional Resources
Download Now
The following versions of MBSA are available for download:
Detailed Information
Please refer to the MBSA 1.2.1 datasheet for more information about MBSA 1.2.1, including new improvements, features, and system requirements.
Frequently Asked Questions (FAQ)
Please refer to the MBSA 1.2.1 Q&A for answers to commonly asked questions about MBSA and other Microsoft security tools.
Additional Resources
Microsoft Office Visio Connector for the Microsoft Baseline Security Analyzer (MBSA) lets you view the results of a Microsoft Baseline Security Analyzer scan in a clear, comprehensive Microsoft Office Visio network diagram.
Support WebCast: Vulnerability assessment and the Microsoft Baseline Security Analyzer
For More Information (details on new features, scanning options, and bug fixes in 1.2.1) - https://support.microsoft.com/default.aspx?scid=kb;en-us;320454&sd=tech
A technical white paper on MBSA is available for download.
HFNetChk was developed for Microsoft by Shavlik Technologies LLC.