Using the Microsoft Baseline Security Analyzer (MBSA)

Summary

How to use the Microsoft Baseline Security Analyzer (MBSA)

Body

Overview

 

The Microsoft Baseline Security Analyzer (MBSA) is a software tool that helps determine the security of your Windows computer based on Microsoft’s security recommendations. MBSA can be used to improve your security management process by analyzing a computer or a group of computers and detecting missing patches/updates and common security misconfigurations. After you run a MBSA scan, the tool will provide you with specific suggestions for remediating security vulnerabilities. An MBSA scan can reduce and eliminate possible threats caused by security configuration problems and missing security updates. This document explains how to use MBSA from the graphical user interface (GUI).


Note: System administrators who wish to use the command line tool for scanning multiples systems remotely should refer to Microsoft’s How To: Use the Microsoft Baseline Security Analyzer.

 

Detail

 

Getting Started

Before installing MBSA, make sure that your computer meets the following minimum requirements:

  • In order to perform a scan you MUST have administrator privileges.
  • Software:
    • The latest Windows Update Agent (WUA) client. MBSA automatically updates computers that need an updated WUA client if Configure computers for Microsoft Update and scanning prerequisites is selected.
    • IIS 5.0, 5.1 or 6.0 (required for IIS vulnerability checks).
    • SQL Server 2000 or MSDE 2.0 (required for SQL vulnerability checks).
    • For the Operating System and Microsoft Office minimum requirements, please see the information at http://msdn.microsoft.com/en-us/library/aa302360.aspx.

MBSA performs the following actions during a scan:

  • Checks for available updates to the operating system, Microsoft Data Access Components (MDAC), MSXML (Microsoft XML Parser), .NET Framework, and SQL Server.
  • Scans a computer for insecure configuration settings. When MBSA checks for Windows service packs and patches, it includes in its scan Windows components, such as Internet Information Services (IIS) and COM+.
  • Uses Microsoft Update and Windows Server Update Services (WSUS) technologies to determine what updates are needed.

 

Installing the MBSA Tool (select to expand)

 

Scanning Your System (select to expand)

 

How to Interpret the MBSA Scan Reports​​ (select to expand)

 

MBSA Scan Summary Sections​​ (select to expand)

 

Analyzing the Scan​​ (select to expand)

 

Related Information

 

Requirements for Performing Remote Scans

System administrators can also run remote scans by selecting either the Check for IIS vulnerabilities or the Check for SQL vulnerabilities option. If you are not a system administrator, you should not run these scans. Contact the Technology Help Desk if you have questions or need assistance resolving problems uncovered by these scans.


Note: If either of these services is unavailable or disabled, the scan results will indicate this. The scan will result in an error if these services do not have an exception configured in the Windows Firewall.

Uploaded Image (Thumbnail)

 

Details

Details

Article ID: 21
Created
Mon 7/10/23 10:40 AM
Modified
Tue 10/22/24 8:00 AM

Related Services / Offerings

Related Services / Offerings (1)

SECURE COMPUTING The University of Pittsburgh has a robust series of security controls to protect from threats including Enterprise Spam and Virus Filter with Exchange Online Protection and Microsoft Defender for Endpoint.