Steve Koehlke, Director of Research & Education
The Microsoft® Baseline Security Analyzer (MBSA) is a tool that allows users to scan one or more Windows®-based computers for common security misconfigurations. MBSA will scan a Windows-based computer and check the operating system and other installed components, such as Internet Information Services (IIS) and SQL Server, for security misconfigurations and for whether or not they are up to date with respect to recommended security updates and hotfixes. Microsoft Baseline Security Analyzer will scan Windows®-based computers running Windows 2000 Professional®, Windows XP®, Windows Server 2000®, and Windows Server 2003®. It will also scan additional Microsoft products such as Exchange, Internet Explorer, MSXML, Microsoft Data Access Components, Office, and Windows Media Player. It can be used to scan an individual computer or multiple computers.
Why do you need it?
Unpatched or underpatched systems and applications on the network can leave the financial institution at risk from a variety of vulnerabilities and attacks. In addition, failure to follow the Information Security Program adopted by the financial institution and industry best practices can leave the bank exposed to other risks.
MBSA gives the System Administrator an easy-to-use tool to examine those devices for potential risks on a regular basis.
The financial institution's System Administrator should develop a procedure using Microsoft Baseline Security Analyzer to scan every workstation in the network at least quarterly. Once the scan is complete, the administrator should correct any outstanding issues or vulnerabilities discovered by Microsoft Baseline Security Analyzer. When all of the vulnerabilities or issues have been resolved, the System Administrator should keep the printed result of the security scan as a record until the next scan. This method will provide the Administrator with documented proof that the workstations met the financial institution's Information Security Program guidelines and industry best practices at that point in time. It will also provide a documented measurement of the effectiveness of the financial institution's patch management solution.
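As an added example (not part of this article or of MBSA itself), the following PowerShell script runs the quarterly sweep described above with MBSA's command-line tool, mbsacli.exe, and files the resulting reports with a hash manifest so the record kept until the next scan is tamper-evident. The install path, the workstation list file, the archive folder and the use of Get-FileHash (PowerShell 4.0 or later) are assumptions; adjust them to your environment.

```powershell
# Added example: quarterly MBSA sweep with report archiving (not the article's own code).
# Assumed paths; change to match your environment.
$MbsaCli     = 'C:\Program Files\Microsoft Baseline Security Analyzer 2\mbsacli.exe'
$TargetList  = 'C:\MBSA\workstations.txt'                 # one hostname per line (assumed file)
$ArchiveRoot = 'C:\MBSA\Archive'                           # quarterly records live here
$ScanStore   = Join-Path $env:USERPROFILE 'SecurityScans'  # MBSA's default report folder

# One archive folder per calendar quarter, e.g. 2024-Q3.
$Now     = Get-Date
$Quarter = '{0}-Q{1}' -f $Now.Year, [math]::Ceiling($Now.Month / 3)
$Archive = Join-Path $ArchiveRoot $Quarter
New-Item -ItemType Directory -Path $Archive -Force | Out-Null

# Scan every host in the list. /listfile supplies the targets, /o names each
# report "<domain> - <computer> (<timestamp>)", /f writes the console summary to a file.
$Summary = Join-Path $Archive ('mbsa-summary-{0:yyyyMMdd-HHmm}.txt' -f $Now)
& $MbsaCli /listfile $TargetList /o '%D% - %C% (%T%)' /f $Summary
if ($LASTEXITCODE -ne 0) { Write-Warning "mbsacli.exe exited with code $LASTEXITCODE" }

# Copy the .mbsa reports written by this run into the quarterly archive and
# record a SHA-256 manifest (Get-FileHash requires PowerShell 4.0 or later).
$Reports  = Get-ChildItem -Path $ScanStore -Filter '*.mbsa' |
            Where-Object { $_.LastWriteTime -ge $Now }
$Manifest = Join-Path $Archive 'manifest.txt'
foreach ($r in $Reports) {
    Copy-Item -Path $r.FullName -Destination $Archive
    $hash = (Get-FileHash -Path $r.FullName -Algorithm SHA256).Hash
    "$hash  $($r.Name)" | Add-Content -Path $Manifest
}

# List the stored reports so each can be reviewed with: mbsacli.exe /ld "<report name>"
& $MbsaCli /l
Write-Host ("Archived {0} report(s) to {1}" -f @($Reports).Count, $Archive)
```

Schedule the script with Task Scheduler under an account that has administrative rights on the target workstations, and regenerate the manifest only after the remediation pass so the archived hashes match the final, reviewed reports.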