*
Quick Links|Home|Worldwide
Microsoft TechNet*
|TechCenters|Downloads|TechNet Program|Subscriptions|My TechNet|Security Bulletins|Archive
Search for
TechNet Home > TechNet Security > Tools

Microsoft Baseline Security Analyzer

Getting Started

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.

MBSA 2.0

MBSA 2.0 offers an intuitive user interface and more informative dialogs compared to previous versions. Using the new Windows Update Agent and Microsoft Update catalog, MBSA 2.0 has automatically expanding product support.
 

Users who primarily have:

 Windows 2000+ SP3 and later

 Office XP+ and later

 Exchange 2000+ and later

 SQL Server 2000 SP4+

 Other products supported by Microsoft Update

in their environment should switch to MBSA 2.0 today.
 

MBSA 2.0 is compatible with Microsoft Update (MU) and Windows Server Update Services (WSUS) and the SMS Inventory Tool for Microsoft Update (ITMU). MBSA 2.0 offers customers improved Windows component support, expanded platform support for XP Embedded and 64-bit Windows, as well as more consistent and less complex security update management experience.

MBSA 1.2.1

MBSA 1.2.1 is the previous version of MBSA and is provided to allow customers time to migrate to the latest version of MBSA.

Users who have:

 Office 2000

 Exchange 5.0 and 5.5

 Other products supported by MBSA 1.2.1 but not Microsoft Update

in their environment may need to continue to use MBSA 1.2.1 to achieve full update detection.


MBSA 1.2.1 is only compatible with Software Update Services (SUS).

As part of Microsoft’s continued commitment to security and to help with enterprise security compliance, Microsoft released MBSA 2.0 in July 2005 as a free standalone security update scan tool for Microsoft products.


Based on Microsoft Update and Windows Server Update Services (WSUS) technologies, MBSA 2.0 provides customers with authoritative security results consistent with Microsoft Update and WSUS, provides support for 64-bit and XP Embedded operating systems and includes dynamic support for new Microsoft products as they are released. Customers who meet the WSUS baseline of the latest supported products (found here) should already be using MBSA 2.0 in their environments.


For customers using legacy products not supported by MBSA 2.0, Microsoft Update and WSUS, Microsoft is working with partners to provide a new legacy support tool to be released in the future. Like MBSA scan tools, this new legacy scan tool will be provided to Microsoft customers at no charge.


For customers who may be using products that are not supported by WSUS, Microsoft encourages customers to use the earlier MBSA 1.2.1 tool combined with the Enterprise Scan Tool to obtain comprehensive security update detection until this new legacy scan tool is released.


In order to ensure customers have sufficient time for testing and migration, Microsoft will continue to support the MBSA 1.2.1 tool for legacy security update detection for at least 6 months after the new legacy security update tool is made available.


Microsoft expects delivery of this new legacy scan tool in Q1 of 2007.

Additional Links

MBSA Newsgroups

Server: news.microsoft.com
Group: microsoft.public.security.baseline_analyzer

Security Update Management Tools

 

© 2006 Microsoft Corporation. All rights reserved. Terms of Use |Trademarks |Privacy Statement
Microsoft