Update your server with the latest service packs and patches. You must update and patch all of the Web server components including Windows 2000 (and IIS), the .NET Framework, and Microsoft Data Access Components (MDAC).
During this step, you:
Detect and install the required patches and updates.
Update the .NET Framework.
Use the Microsoft Baseline Security Analyzer (MBSA) to detect the patches and updates that may be missing from your current installation. MBSA compares your installation to a list of currently available updates maintained in an XML file. MBSA can download the XML file when it scans your server or you can manually download the file to the server or make it available on a network server.
Task To detect and install patches and updates
Download and install MBSA.
You can do this from the MBSA home page at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/mbsahome.asp.
If you do not have Internet access when you run MBSA, MBSA cannot retrieve the XML file that contains the latest security settings from Microsoft. You can use another computer to download the XML file, however. Then you can copy it into the MBSA program directory. The XML file is available from http://download.microsoft.com/download/xml/security/1.0/nt5/en-us/mssecure.cab.
Run MBSA by double-clicking the desktop icon or selecting it from the Programs menu.
Click Scan a computer. MBSA defaults to the local computer.
Clear all check boxes apart from Check for security updates. This option detects which patches and updates are missing.
Click Start scan. Your server is now analyzed. When the scan is complete, MBSA displays a security report, which it also writes to the %userprofile%\SecurityScans directory.
Download and install the missing updates.
Click the Result details link next to each failed check to view the list of security updates that are missing. The resulting dialog box displays the Microsoft security bulletin reference number. Click the reference to find out more about the bulletin and to download the update.
For more information on using MBSA, see "How To: Use Microsoft Baseline Security Analyzer" in the "How To" section of this guide.
At the time of this writing (May 2003), MBSA cannot detect .NET Framework updates and patches. Therefore, you must manually detect .NET Framework updates.
Task To manually update .NET Framework version 1.0
Determine which .NET Framework service pack is installed on your Web server.
To do this, see Microsoft Knowledge Base article 318785, "INFO: Determining Whether Service Packs Are Installed on .NET Framework."
Compare the installed version of the .NET Framework to the current service pack.
To do this, use the .NET Framework versions listed in Microsoft Knowledge Base article 318836, "INFO: How to Obtain the Latest .NET Framework Service Pack."