Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Resources for IT Professionals
Click to Rate and Give Feedback
TechNet
TechNet Library
TechNet Archive
Security
Tools
MBSA
 Microsoft Baseline Security Analyze...
Microsoft Baseline Security Analyzer V1.2.1
Updated : March 15, 2007

As part of Microsoft’s continued commitment to security and to help with enterprise security compliance, customers are strongly encouraged to upgrade to MBSA 2.0.1 or the MBSA 2.1 beta.

Based on Microsoft Update and Windows Server Update Services (WSUS) technologies, MBSA 2.x provides customers with authoritative security results consistent with Microsoft Update and WSUS, provides support for 64-bit and XP Embedded operating systems and includes dynamic support for new Microsoft products as they are released. Customers who meet the WSUS baseline of the latest supported products (found here) should already be using MBSA 2.0.1 in their environments.

For customers using products not supported by MBSA 2.0.1, Microsoft Update and WSUS, Microsoft is working with partners to provide a new limited support tool to be released in the future. Like MBSA scan tools, this new legacy scan tool will be provided to Microsoft customers at no charge.

Until this limited tool is released, Microsoft encourages customers to use MBSA 2.x and augment those results with MBSA 1.2.1 and the Enterprise Scan Tool for comprehensive security update detection until this new legacy scan tool is released.

Microsoft will continue to support MBSA 1.2.1 for legacy security update detection for six months after the new MBSA 2.0 limited scan tool is released (expected in Q2 of 2007). After October 9, 2007, the MSSecure.XML file used by MBSA 1.2.1 will no longer be updated. After this date, no new security updates will be added to the MSSecure.XML file used by MBSA 1.2.1 and no new versions of the Enterprise Scan Tool will be released.

Customers should use MBSA 2.0.1 or MBSA 2.1 together with the upcoming limited scan tool for comprehensive security update and vulnerability assessment needs.

MBSA 1.2.1 is the free, legacy vulnerability assessment tool for the Microsoft platform. Designed for the IT professional, the tool helps with the assessment phase of an overall security management strategy for legacy platforms and products. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA 1.2.1 will be retired in favor of the newer MBSA 2.x products on October 9, 2007. See the MBSA home page for details.

MBSA 1.2.1 runs on:

  • Windows 2000, Windows XP, and Windows Server 2003 systems

MBSA 1.2.1 will scan for common system misconfigurations in the following products:

  • Windows 2000, Windows XP, Windows Server 2003

  • Internet Information Server (IIS), SQL Server, Internet Explorer, Office

MBSA 1.2.1 will also scan for missing security updates for the following products:

  • Windows 2000, Windows XP, Windows Server 2003

  • Microsoft Data Access Components (MDAC), MSXML, Microsoft Virtual Machine

  • IIS (4.0 - 6.0), SQL Server (7.0 - 2000), Internet Explorer (5.01, 6.0), Office (2000 - 2003), Exchange Server (5.5 - 2003), Windows Media Player 9, Commerce Server, Content Management Server, BizTalk Server, Host Integration Server

On This Page

Download Now
Detailed Information
Frequently Asked Questions (FAQ)
Additional Resources

Download Now

The following versions of MBSA are available for download:

Detailed Information

Please refer to the MBSA 1.2.1 datasheet for more information about MBSA 1.2.1, including new improvements, features, and system requirements.

Frequently Asked Questions (FAQ)

Please refer to the MBSA 1.2.1 Q&A for answers to commonly asked questions about MBSA and other Microsoft security tools.

Additional Resources

© 2009 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker