Scanning for Security Updates and Patches


You can run Mbsa.exe and Mbsacli.exe with options to verify the presence of security patches.

Using the Graphical Interface

Use the MBSA GUI tool as described next.

To use the MBSA GUI to scan for updates and patches

  1. Click Microsoft Baseline Security Analyzer from the Programs menu.

  2. Click Scan a computer.

  3. Make sure that the following options are not selected, and then click Start scan.

    • Check for Windows vulnerabilities

    • Check for weak passwords

    • Check for IIS vulnerabilities

    • Check for SQL vulnerabilities

The advantage of the GUI is that the report opens immediately after the local computer is scanned. Interpreting the report is explained later in this section.

Using the Command Line (Mbsacli.exe)

To use the command-line tool (Mbsacli.exe) to check for security updates and patches, run the following command from a command window. The /i option supplies the IP address of the computer to scan, and the /n option lists the checks to skip, so only the check for missing updates runs:

 mbsacli /i 192.168.195.137 /n OS+IIS+SQL+PASSWORD 

A successful scan produces results similar to those shown below:

 Scanning...
 [     ] 0 o[..........] 1 of 1 computer scan(s) complete.
 Scan Complete.
 Computer Name, IP Address, Assessment, Report Name
 -----------------------------------------------------
 Workgroup\SECNETSQL, 192.168.195.137, Severe Risk, Workgroup - SECNETSQL (04-07-2003 03-01 PM)

You can view the report by using Mbsacli.exe, but this is not recommended because it is easier to extract patch details using the GUI. The command below displays a scan report using Mbsacli.exe:

 mbsacli /ld "SecurityReportFile.xml" 

Analyzing the Output

A report file is generated in the profile directory of the logged-on user (%userprofile%) on the computer where you ran the Mbsacli.exe command. The easiest way to view the results of those reports is to use the GUI mode of MBSA.
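
When the command-line scan is run against several computers, the summary table shown under "Using the Command Line" is the quickest place to decide which reports to open first. The following Python sketch is an added example, not part of the original guide or of MBSA: it parses that summary and lists the hosts whose assessment is not in an accepted set. The second sample row and the "Strong Security" value are constructed assumptions.

```python
HEADER = ["Computer Name", "IP Address", "Assessment", "Report Name"]

# Assumption: assessment strings you treat as acceptable. Only "Severe Risk"
# appears on this page; adjust this set to the values your scans print.
OK_ASSESSMENTS = {"Strong Security"}

# Constructed sample modelled on the output shown above; the second row
# (host, IP address, assessment text) is invented for illustration.
SAMPLE_OUTPUT = """\
Scanning...
[..........] 2 of 2 computer scan(s) complete.
Scan Complete.
Computer Name, IP Address, Assessment, Report Name
-----------------------------------------------------
Workgroup\\SECNETSQL, 192.168.195.137, Severe Risk, Workgroup - SECNETSQL (04-07-2003 03-01 PM)
Workgroup\\SECNETWEB, 192.168.195.138, Strong Security, Workgroup - SECNETWEB (04-07-2003 03-04 PM)
"""

def parse_summary(text):
    """Return one dict per scanned computer from the mbsacli summary table."""
    rows, in_table = [], False
    for line in text.splitlines():
        line = line.strip()
        if not in_table:
            # Everything before the header row is progress text.
            in_table = [c.strip() for c in line.split(",")] == HEADER
            continue
        if not line or set(line) == {"-"}:
            continue  # blank line or dashed separator
        # Split on the first three commas only, so a comma inside the
        # report name cannot shift the columns.
        fields = [f.strip() for f in line.split(",", 3)]
        if len(fields) != 4:
            raise ValueError(f"unexpected summary row: {line!r}")
        row = dict(zip(("computer", "ip", "assessment", "report"), fields))
        row["domain"], _, row["host"] = row["computer"].rpartition("\\")
        rows.append(row)
    if not in_table:
        raise ValueError("summary header not found; the scan may have failed")
    return rows

def needs_review(rows, ok=OK_ASSESSMENTS):
    """Fail closed: any assessment not explicitly accepted is flagged."""
    return [r for r in rows if r["assessment"] not in ok]

if __name__ == "__main__":
    for r in needs_review(parse_summary(SAMPLE_OUTPUT)):
        print(f'{r["host"]} ({r["ip"]}): {r["assessment"]} -> open "{r["report"]}"')
```

Because unknown assessment strings are flagged rather than ignored, a scan that returns an unexpected status still ends up on the review list.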




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
Year: 2003
Pages: 613
