Microsoft Baseline Security Analyzer (MBSA) is a free security and vulnerability assessment scan tool for Windows administrators, security auditors, and IT professionals. MBSA helps users to easily assess the security state of Windows machines and includes a graphical and command line interface that can perform local or remote scans of Microsoft Windows systems.
The latest version of Microsoft Baseline Security Analyzer 2.2 builds on the previous MBSA 2.1.1 version that asupports Windows 7 and Windows Server 2008 R2 and corrects minor issues reported by customers.
As with the previous MBSA versions, MBSA 2.2 includes 64-bit installation, security update and vulnerability assessment (VA) checks and support for the latest Windows Update Agent (WUA) and Microsoft Update technologies. More information on the capabilities of MBSA is available on the MBSA Web site.
MBSA runs on Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP and Windows 2000 systems and will scan for missing security updates, rollups and service packs using Microsoft Update technologies.
MBSA will also scan for common security misconfigurations (also called Vulnerability Assessment checks) using a known list of less secure settings and configurations for all versions of Windows, Internet Information Server (IIS) 5.0, 6.0 and 6.1, SQL Server 2000 and 2005, Internet Explorer (IE) 5.01 and later, and Office 2000, 2002 and 2003 only.
To assess missing security updates, MBSA will only scan for missing security updates, update rollups and service packs available from Microsoft Update. MBSA will not scan or report missing non-security updates, tools or drivers.
Supported Operating Systems: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP.