Microsoft Baseline Security Analyser


For anyone who insists on running Microsoft products at home (yes, I include myself in this group) I'd recommend installing and running this tool. You might want to take some of its recommendations with a pinch of salt but it is good at picking up on missing patches not just for Windows itself but also other products such as SQL Server which have a number of serious vulnerabilities in their unpatched state.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/mbsahome.asp

I think the only way to get a perfect score with this utility is to have your computer switched off in a locked box in a room with no doors or windows but knowledge is power and you will most likely find out something that you didn't know by running a scan. Full instructions on fixing any vulnerability are given. Don't be surprised if you can't download any of the patches today though - Microsoft seems to be a bit overloaded at the moment.

Jon.
4 REPLIES

MSSBA

Hi,
Yes! The security base line analyser is a very nice tool & I have used it in the past and would recommend its use too. As for Microsoft's website, I've had absolutely no problems with accessing it at all early this evening. I don't think one should believe all the hype and rubbish talked about on TV or in the press, as much of it isn't completely true. :-)

Ivan

Re: MSSBA

Quote
I don't think one should believe all the hype and rubbish talked about on TV or in the press, as much of it isn't completely true. :-)


I think you've hit the nail on the head there, Ivan!

I noticed a couple of news reports yesterday and earlier on today, in which it was stated Microsoft was bracing itself for the culmination of this attack, expected to be directed specifically against its own corporate centres. Yet, as the Force9 advisory notice made plain, a fix has been produced prior to an attack materialising, so MS has had some time in which to protect itself, and, in any case, even Windows PCs which otherwise would be vulnerable (not having had the corrective service applied) can be protected by virtue of being behind a firewall, which, of course, MS's corporate systems are.

And, as the subsequent Force9 notice added, they had themselves blocked two of the ports (135 and 445, I think?), although MS had subsequently changed their advice and added two more ports (perhaps Force9 saw it in time to block those as well?), so even home users with vulnerable machines and no firewall of their own would have gained a degree of safety as a result of Force9's preventive measure.

Microsoft Baseline Security Analyser

cytek: I wasn't suggesting that Microsoft was suffering from the Blaster attack; I was just passing on my experiences - I had been trying to download the MS03-031 patch for SQL Server 2000 for several hours and kept getting timeouts on the link to the download, although the descriptive page was being served fine.

Eventually a colleague found a different location for the same download - http://www.microsoft.com/downloads/details.aspx?displaylang=en&familyid=9814ae9d-bd44-40c5-add3-b8c9... and we got it with no problem.

No hype there!

Jon.

OK Fair enough Mate

Hi Bigjon,

Yep! OK, fair enough!! I can see where you're coming from.

Ivan