Join Lisa Bock for an in-depth discussion in this video Using the Microsoft Baseline Security Analyzer (MBSA), part of IT Security Foundations: Operating System Security.
- The Microsoft Baseline Security Analyzer is a free tool used either on a PC or server operating system that identifies all security issues, along with ensuring current updates have been applied. This should be used as part of an overall security plan. Now, why would you use this? Let's say for example that you purchase a computer and you bring it home and it seems fresh out of the box. Well, most likely it has sat on the shelf for a couple of weeks and automatically those patches and updates have been outdated.
Or, maybe you got a hand-me-down computer from a friend or family member. The Microsoft Baseline Security Analyzer is great to use in either of those cases. The Microsoft Baseline Security Analyzer will check the health of your system. It's going to check to see if you have passwords, if they're missing or are weak. It's going to see if you have patches, or if they need updated. Also, it's going to check the guest account, whether or not you want to turn off the guest account ,and also ensure that you have appropriate firewall protection.
Let's take a look, I'm in Windows 7, and I'm going to go into Internet Explorer and put in Bing in my search engine, "Microsoft Security Baseline Analyzer." Here it said, "Download Baseline Security Analyzer." Now, after selecting the appropriate download, I placed it on my desktop and I'm going to simply "Run." Now, the setup's pretty easy, it just steps you through, telling you you want to close all Windows programs accept the license agreement, and if you want to take a look at it.
I usually default as to what folder and file it puts it in and then I'll let it install. It has installed, now I'm going to double-click. And here, where it says it gives you some choices as to what I want to scan, I'm going to to scan a computer, it knows the computer's name, and I'm going to say Start the Scan. Now, the report is organized into several sections which might require additional actions required to resolve any problems that the Analyzer detected.
Now, this is an older operating system and I expected that we would find a lot of issues which is what I'm going to talk about. Now, what we see is the different scan result. When you see a red X, it's showing that there is some serious issues. In this case, you can see the security updates are missing, and four service packs or update rollups are missing. This will give you details on how to correct this, and then down below here we see a little bit more on administrative vulnerabilities.
Such as, local account password test. Now, this would include things such as three out of five have blank or simple passwords or could not be analyzed. I know, because I didn't give one of the users a password. Automatic updates, this has not been configured on this computer. This is a good one to update and fix immediately. Password expiration, all user accounts have non-expiring passwords. Now you can see it goes into some more information, and ways that you can correct this.
So as you can see, it's a very simple tool to use, and it will help to keep your computer secure.
Note: This training maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals exam (98-367). See https://www.microsoft.com/learning/en-us/exam-98-367.aspx for more information.
- Creating strong passwords
- Understanding biometric security
- Adjusting permission behavior
- Enabling auditing
- OS hardening
- Using the Microsoft Baseline Security Analyzer
- Protecting email