Windows Server 2008 doesn’t have to ignore the MBSA if you don’t want it to

  • Article

The Microsoft Baseline Security Analyser (MBSA) is an excellent free tool by Microsoft that provides a simple and easy-to-use method of identifying common security misconfigurations for your Microsoft Windows computers.  The current version (MBSA 2.1) runs on Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP and Windows 2000 and will scan all systems, most installed Windows components, and applications such as Internet Information Server (IIS) 5.0, 6.0 and 7.0, SQL Server 7.0, 2000 and 2005, Internet Explorer (IE) 5.01 and later, and Office 2000, 2002 and 2003.

 

A problem you might come up against however is that Windows Server 2008 computers by default have all the security settings turned on.  Consequently, when you try to scan them, you see the below error appear in the MBSA console “Could not resolve the computer name: Please specify computername.”:

image image

 

This is nothing to worry about and can be quickly remedied by enabling (only temporarily if necessary) the file sharing feature.  To do this, just open the Network and Sharing Centre and select the radio button as displayed in the image below.

image

Once enabled, you can restart the scan and all should work correctly.  So start checking your security right now by downloading the tool here: www.microsoft.com/downloads/details.aspx?familyid=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en

 

I recommend that you read the Frequently Asked Questions page as there is some important information there, particularly if you wish to scan computers that don’t have internet connections (or connections that are perhaps restricted by a proxy server).  The MBSA needs to download the latest security catalogue from Microsoft over the internet, but if the computer does not have internet access then the process will fail.  In the FAQ are the instructions required in order to manually download the files from a different machine that does have internet access in order to manually update the catalogue on the computer running the MBSA.