NCIRC Security Tools NIAPC Submission Summary Microsoft Baseline Security Analyzer (MBSA)




Document Reference: Security Tools Internal NIAPC Submission
NIAPC Category: Operating System Security Management
Date Approved for Submission: 24-04-2007
Evaluation/Submission Agency: NCIRC
Issue Number: Draft 0.01

NATO UNCLASSIFIED RELEASABLE TO THE INTERNET

TABLE of CONTENTS

1 Product
2 Category
3 Role
4 Overview
5 Certification
6 Company
7 Country of Origin
8 Web Link
9 Product Description
10 Product Requirements
11 Limitations
12 Evaluation/Review Conclusions/Comments

1 Product

Microsoft Baseline Security Analyzer (MBSA) versions 1.2.1 and 2.0.

2 Category

Operating System Security Management.

3 Role

Vulnerability audit and patch reporting.

4 Overview

Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed to determine the security state of computers running Microsoft operating systems in accordance with Microsoft security recommendations. It also offers specific remediation guidance.

5 Certification

This product has not undergone certification.

6 Company

Microsoft Inc.

7 Country of Origin

USA.

8 Web Link

http://www.microsoft.com/technet/security/tools/mbsahome.mspx

9 Product Description

MBSA 2.0.1 is compatible with Microsoft Update, Windows Server Update Services, and the SMS Inventory Tool for Microsoft Update (ITMU). MBSA 2.0.1 offers customers improved Windows component support, expanded platform support for XP Embedded and 64-bit Windows, and a more consistent and less complex security update management experience.

Any update published on Microsoft Update as a security update, update rollup, or service pack can be scanned using MBSA 2.0. These updates have been defined by Microsoft as follows:

Security update: A broadly released fix for a product-specific security-related vulnerability. Security vulnerabilities are rated based on their severity, which is indicated in the Microsoft security bulletin as critical, important, moderate, or low.

Update rollup: A tested, cumulative set of hotfixes, security updates, critical updates, and updates packaged together for easy deployment. A rollup generally targets a specific area, such as security, or a component of a product, such as Internet Information Services (IIS).

Service pack: A tested, cumulative set of all hotfixes, security updates, critical updates, and updates, as well as additional fixes for problems found internally since the release of the product. Service packs may also contain a limited number of customer-requested design changes or features.

If you have corporate hotfixes installed on the scanned computer, detection will observe those updates based on file version as determined by Microsoft. Typically, files with a newer than expected version would be accepted, unless Microsoft had determined that a higher-versioned file was not secure, in which case the update would be offered in the report.

Because clients can be scanned using an online source (Microsoft Update or an assigned Update Services server) in addition to the offline catalogue, the report can include a specific heading called "Catalogue synchronization date". If the offline catalogue was used, the time that catalogue was generated is displayed in the report and can be used to determine if the latest catalogue was used.

To check the version of the offline catalogue, follow this procedure:

Step 1: If you do not have the file, download it from http://go.microsoft.com/fwlink/?linkid=76054 and save it to C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\wsusscn2.cab (default location).

Step 2: Open C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\wsusscn2.cab using any program able to view *.cab archive files.

Step 3: Open package.cab from the wsusscn2.cab file, and then the package.xml file inside it.

Step 4: View the OfflineSyncPackage header element for the CreationDate. It should be set to a value such as "2005-06-01T18:42:49Z". Use the value you find to determine when the file was generated by Microsoft.

10 Product Requirements

Requirements include the Remote Registry service, Server service, Workstation service, File and Printer Sharing service, and Automatic Updates service.

The wsusscn2.cab file is downloaded from the Microsoft Web site over HTTP based on your Internet Explorer settings.

Remote computer scans are performed using TCP ports 135, 139, and 445. Where a firewall or filtering router separates two networks, TCP ports 135, 139, and 445 and UDP ports 137 and 138 must be open for MBSA to connect and authenticate to the remote computer being scanned.

11 Limitations

Installs on Microsoft Windows 2000, Windows XP and Windows Server 2003.

Scanning for administrative vulnerabilities is supported for Microsoft Windows 2000; Windows XP; Windows Server 2003; Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0; Microsoft Internet Explorer 5.01, 5.5, and 6.0 (including Internet Explorer 6.0 for Windows XP SP2 and Internet Explorer 6.0 for Windows Server 2003); Microsoft SQL Server 7.0 and SQL Server 2000; and Microsoft Office 2000, Office XP, and Office 2003.

Scanning for security updates is based on the Microsoft Update catalogue. However, several products supported by MBSA 1.2.1 will not be immediately available in Microsoft Update, so MBSA 2.0 cannot scan for them:

a) Microsoft BizTalk Server 2000, 2002 and 2004
b) Microsoft Commerce Server 2000 and 2002

c) Microsoft Content Management Server 2001 and 2002
d) Microsoft Host Integration Server 2000, 2004 and SNA Server 4.0
e) Microsoft Office 2000

12 Evaluation/Review Conclusions/Comments

A very helpful tool.
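
The offline catalogue check from Steps 1 to 4 of section 9, as an added example (not part of the NCIRC document or of Microsoft's tooling): it reads CreationDate from package.xml and flags an old catalogue. The sample XML and its namespace are constructed, the 35-day threshold and all function names are assumptions, and read_package_xml assumes the Windows expand.exe utility is available.

```python
import subprocess
import tempfile
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone
from pathlib import Path

# Constructed sample: only the root element name and CreationDate (value quoted
# in Step 4) come from the document; the namespace is a placeholder.
SAMPLE_PACKAGE_XML = b"""<?xml version="1.0" encoding="utf-8"?>
<OfflineSyncPackage xmlns="urn:example:constructed"
    CreationDate="2005-06-01T18:42:49Z"><Updates/></OfflineSyncPackage>"""


def catalogue_creation_date(package_xml: bytes) -> datetime:
    """Step 4: return CreationDate of the OfflineSyncPackage element, in UTC."""
    root = ET.fromstring(package_xml)
    local_name = root.tag.rsplit("}", 1)[-1]  # ignore any XML namespace
    if local_name != "OfflineSyncPackage":
        raise ValueError(f"unexpected root element: {local_name}")
    raw = root.get("CreationDate")
    if raw is None:
        raise ValueError("OfflineSyncPackage has no CreationDate attribute")
    stamp = raw.rstrip("Z").split(".")[0]  # tolerate fractional seconds
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def catalogue_is_stale(package_xml: bytes, now: datetime, max_age_days: int = 35) -> bool:
    """True when the catalogue is older than max_age_days (assumed threshold)."""
    return now - catalogue_creation_date(package_xml) > timedelta(days=max_age_days)


def read_package_xml(wsusscn2_cab: Path) -> bytes:
    """Steps 2-3 on Windows: unpack package.cab, then package.xml (expand.exe)."""
    with tempfile.TemporaryDirectory() as tmp:
        inner = Path(tmp) / "package.cab"
        for cab, member in ((wsusscn2_cab, "package.cab"), (inner, "package.xml")):
            subprocess.run(["expand.exe", str(cab), f"-F:{member}", tmp],
                           check=True, capture_output=True)
        return (Path(tmp) / "package.xml").read_bytes()


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    print(catalogue_creation_date(SAMPLE_PACKAGE_XML).isoformat(),
          "stale" if catalogue_is_stale(SAMPLE_PACKAGE_XML, now) else "current")
```

A scan run against a stale offline catalogue cannot report updates released after its CreationDate, so this check is worth running before trusting an offline MBSA report.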