Check Windows Security Status With Free Microsoft Baseline Security Analyzer 2.2

imageIntrusion detection systems do a good job (or so I’m told), in protecting physical environments against desperados and trespassers. But, creating an access point by leaving a window or a door open, obviously reduces the efficiency of such a system.

Computer intrusion detection systems are no different – leaving a window open in Windows (if you’ll pardon the expression), can result in an illegal intrusion that can often remain undetected.

To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer 2.2 (MBSA), last updated in October, which will scan your system and provide you with a report on your computer’s security, based on Microsoft security recommendations.

MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems.

Scanning Options:

For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:

Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.

Check for weak passwords –  checks computers for blank and weak passwords during a scan.

Check for Internet Information Services (IIS) administrative vulnerabilities.

Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.

Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.

The two areas, in the report, you will find most useful as a home user, are:

Security misconfiguration (less secure settings and configurations).

Missing security updates and service packs (if any).

The report will provide you with specific steps to take, should the application find issues.

The following screen capture from my test machine, illustrates the results of a typical scan – click to expand to original size.

Baseline Analyzer

In order to run a scan with MBSA, you may need the IP address of your computer – the easy way to obtain this is here.

System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).

Download at: Microsoft

Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If your a typical user I don’t think this is necessary, but….

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Application Vulnerabilities, Computer Audit Applications, Don't Get Hacked, downloads, Freeware, Microsoft, Security Rating Applications, Software, System Security, Utilities, Windows 7, Windows Vista, Windows XP

6 responses to “Check Windows Security Status With Free Microsoft Baseline Security Analyzer 2.2

  1. Pingback: » Check Windows Security Status With Free Microsoft Baseline … RWPS

  2. John

    I’ve used this program. It’s an excellent tool to see the general overall picture and it’s quite user-friendly.

    Now, isn’t Bill supposed to be off this week! 🙂

    • Hi John,

      Good to get your opinion on this.

      I have this problem – I can’t seem to stay away – vacation or not. lol

      I might just have to rewrite that old article on Internet addiction. 🙂


  3. Hey Bill. Thanks for this great article, especially since you’re supposed to be on vacation! The Microsoft Baseline Security Analyzer seems like an easy tool to use. Do you know how often you should run the scanner to make sure that you’re always on top of your computer’s security?

    • Hi Alexandra,

      I hear ya. 🙂

      I only use this tool when I do a personal system setup. Since I reformat all my home machines twice a year though, this tool really comes in handy in assessing what needs to be addressed.

      Happy New Year to you, and all the good people at TuneUp Utilities.



  4. ace

    I do this every three month, to keep the system healthy.