News

Microsoft Baseline Security Analyzer Preview

When it’s released, the new Microsoft Baseline Security Analyzer (MBSA) tool that Microsoft Corp. announced a couple of weeks ago will fulfill a long-sought requirement of Windows systems administration: A free hotfix management tool with a GUI interface and HTML reporting capabilities.

According to Lara Sosnosky, a security program manager with Microsoft, MBSA will supplant the Microsoft Personal Security Advisor, a hotfix testing service for Windows NT 4.0 Workstation, Windows 2000 Professional and Windows XP Professional systems that Microsoft unveiled, in conjunction with Shavlik Technologies, in August 2001.

"MBSA will actually be replacing MPSA. The reason that we’re replacing it is that MBSA is a superset of all of the MPSA checks," she says. "MPSA was really targeted for desktop configurations. It was an ActiveX control that could run only on a system itself. MBSA is a self-contained tool that can run locally or remotely against servers or workstations."

MBSA will also leverage Microsoft’s highly successfully HFNetChk hotfix management tool. "MBSA actually calls HFNetChk," she says. "It doesn’t bundle it separately, but it runs HFNetChk from within the tool engine itself."

Microsoft plans to continue to support the standalone HFNetChk tool, Sosnosky says, for the simple reason that many Windows administrators prefer a command-line interface to that of a GUI.

MBSA, which is expected to debut by the end of March, will run locally on Windows 2000 and Windows XP. At the same time, MBSA will incorporate scanning support for remote Windows NT 4.0, Windows 2000, Windows XP and Windows .NET Server systems, Sosnosky asserts. In addition, MBSA boasts the ability to scan IIS configurations running on all four platforms –- although .NET Server and IIS 6.0 aren’t officially supported because they haven’t yet been released -– and can also probe SQL Server, Internet Explorer and Office configurations for hotfix compliance, as well.

Microsoft has steadily improved the features and capabilities of its hotfix management toolset, in the process cutting into the market segments of vendors such as Shavlik Technologies, St. Bernard Software, Configuresoft and Gravity Storm Software, which have traditionally provided pay-for-use GUI-based hotfix management tools. Still, MBSA still lacks many of the features –- including a robust reporting engine and the ability to remotely patch vulnerable systems -– that these vendors have long provided.

According to Shavlik President Mark Shavlik, his company has assisted Microsoft with the development of many of its hotfix-checking tools, including MBSA. Rather than cutting into the market share for his company’s pay-for-use tools, he maintains, Shavlik’s cooperation with Microsoft has fueled its growth.

"The ability to work with Microsoft so closely on this security management initiative has really helped us to grow in this emerging market," he says.

Similarly, Shavlik says, his company’s pay-for-use HFNetChk Pro tool extends the functionality of MBSA. For example, Microsoft’s new tool can create HTML reports, but lacks a facility to automatically export them. "Right now, for version 1.0, you can copy and paste reports. We have an action button to paste [report data] into Excel," Sosnosky says.

Shavlik’s HFNetChk Pro utility, on the other hand, is able to export reports to a variety of repositories. Similarly, Shavlik says, HFNetChk Pro, like most of its pay-for-use competitors, boasts a hotfix push mechanism that can update vulnerable systems remotely.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • How To Use .CSV Files with PowerShell, Part 1

    When it comes to bulk administration, few things are handier than .CSV files. In this two-part series, Brien demos his top techniques for working with .CSV files in PowerShell. First up: How to create a .CSV file.

  • SameSite Cookie Changes Rolled Back Until Summer

    The Chromium Project announced on Friday that it's delaying enforcement of SameSite cookie changes, and is temporarily rolling back those changes, because of the COVID-19 turmoil.

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.