(YOUR INSTALLED ITEMS WILL LIKELY BE DIFFERENT FROM THOSE SHOWN HERE
8.65. (Your installed items will likely be different from those shown here.)
Figure 8.65
Checking Previously Installed UpdatesThat’s all there is to analyzing your computer with Windows Update. Later in thischapter we examine the rest of the steps to use Windows Update to select and installupdates onto the local computer.The Microsoft Baseline Security Analyzer
The Microsoft Baseline Security Analyzer (MBSA) is a GUI-based tool that Microsoft devel-oped to detect common security misconfiguration and weaknesses.The MBSA tool can alsobe used from the command line if desired.The current version of MBSA, version 1.1, can berun on a Windows 2000,Windows XP, or Windows Server 2003 computer; it scans formissing hotfixes, weaknesses, and vulnerabilities in the following Microsoft products:■
Windows 2000 Professional, Server, and Advanced Server■
Windows XP Professional■
Windows NT Workstation 4.0, Server 4.0, and Enterprise Edition Server 4.0■
SQL Server 7.0■
SQL Server 2000 Standard, Enterprise, and Conferencing Server■
Internet Information Server 4.0■
Internet Information Services 5.0■
Internet Explorer 5.01 and later■
Office 2000■
Office 2002 (XP)MBSA uses a modified version of the HFNetChk tool to scan for missing hotfixes, ser-vice packs, and other updates. At the completion of the scan, an individual XML outputreport is created for each computer that has been scanned.This report can be viewedimmediately after the completion of the scan or later.When MBSA is executed from theGUI, reports are placed in the SecurityScans folder, which is located in the profile of theuser who ran the scan.For example, if a user named Andrea ran the scan, she could expect to find scan reportslocated at C:\Documents and Settings\Andrea\SecurityScans or wherever her profile pathis pointed.You can use the /f switch to change the location of the output file when you’rerunning the MBSA tool from the command line.In Exercise 8.07, we examine how to use the MBSA tool from the GUI to examine alocal computer and determine its current status. In Exercise 8.08 we perform the same task,this time from the command line. Using the MBSA tool as part of a script or batch file, youcould schedule a regular scan of all your network computers and then examine the resultsafter the scan has completed.You should consider performing a scan such as this one at leastonce per week as your specific situation dictates.The basic syntax of the MBSA tool from the command line is:msbacli.exe [/c domainname\computername] [-i ipaddress] [-d domainname]
[-r range] [/n IIS] [/n OS] [/n password] [/n SQL]
[/n hotfix] [/o %domain% - %computername% (%date%)]
[/e] [/l] [/ls] [/lr report name] [/ld report name]
[/qp] [/qe] [/qr] [/q] [/f]
Table 8.4 details the function of each mbsacli.exe switch.