(Microsoft Baseline Security Analyzer (MBSA

The MBSA provides built-in checks to determine if Windows administrative vulnerabilities are present, if weak passwords are being used on Windows accounts, the presence of known IIS and SQL administrative vulnerabilities, and which security updates are required on each individual system.  The MBSA provides dynamic assessment of missing security updates.  The MBSA can scan one or more computers by domain, IP address range or other grouping.  Once complete, the MBSA provides a detailed report and instructions on how to help turn your system into a more secure working environment. The MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.

To use the MBSA tool, users will need either Windows Server 2008 R2, Windows 7, Server 2003, Server 2008, Vista, XP or Windows 2000 and will need administrator privileges sufficient to scan the target computers.

After installing MBSA and running the tool, users are taken to the screen seen below which provides quick access to three different sides of the application.  Users can scan a computer using its name or IP address, scan multiple computers within a domain name or a range of IP addresses, or view existing security scan reports.  There are even more options available through the command-line interface to support scripting and fine-tuned control over MBSA’s scanning and reporting features