Microsoft Baseline Security Analyzer 2.0 Beta Overview


Upload: estevan-cote

Post on 31-Mar-2015


TRANSCRIPT

Page 1: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Microsoft Baseline Security Analyzer 2.0 Beta Overview

Page 2: Microsoft Baseline Security Analyzer 2.0 Beta Overview

This content is subject to change. It is provided "AS IS" with no warranties, and confers no rights.

Agenda

• Part 1: Roadmap
• Part 2: Feature Review
• Part 3: User Experience
• Part 4: System Requirements
• Part 5: Migration Considerations

Page 3: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Security Update Management Today

• Windows Update/Office Update
  • Consumer focused web based solutions
• Software Update Services (SUS) 1.0
  • Intermediary between Windows Update and Automatic Updates (delegated control of updates)
• Microsoft Baseline Security Analyzer (MBSA) 1.2.1
  • Detects security updates for 16 products
  • Detects configuration vulnerabilities for 7 products
• Systems Management Server 2.0 / 2003
  • SUS Feature Pack (using MBSA 1.2 and ODT)
• Enterprise Update Scan Tool (EST)
  • Detects security updates that MBSA does not
  • Compatible with SMS

Disparate sources, limited update detection

Page 4: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Security Update Management Tomorrow

• Microsoft Update (MU)
  • “Hosted” version of Update Services
  • Consumer focused web based solution
• Windows Server Update Services (WSUS)
  • Infrastructure for all other updating products and tools
  • Update management solution with targeting for Microsoft platform
• Microsoft Baseline Security Analyzer (MBSA) 2.0
  • Security focused scanning without the need for a server
• Systems Management Server 2003
  • Inventory Tool for Microsoft Update

Consistent results, extending update detection

Page 5: Microsoft Baseline Security Analyzer 2.0 Beta Overview

[Diagram: Update Detection / Deployment Today. Components shown: Windows Update, Office Update, MSSecure.XML, Download Center, Automatic Updates, ODT, HFNetChk, EST, SMS, MBSA 1.2.1, SUS, MOM]

[Diagram: Update Detection / Deployment This Summer. Components shown: Microsoft Update, Automatic Updates, SMS, MBSA 2.0, Update Services, Windows Update Agent, MOM, Microsoft Update Catalog, Offline Catalog (wsusscan.cab)]

Page 6: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Vulnerability Assessment Timeline

Timeline labels: Aug ’04, Oct ’04…

• MBSA 1.2.1 / ODT
  • Security update checks
    • Limited to 16 named products
  • Administrative vulnerability checks
    • Limited to 7 named products
    • Checks not extensible
• Enterprise Scan Tool
  • Detects security updates that MBSA / ODT do not
  • Compatible with SMS
• MBSA 2.0 (Q2CY05)
  • Uses WSUS infrastructure
  • Eventually detect all Microsoft updates
  • Not limited to named products
  • Consistent with other tools using WSUS
• Next…
  • Uses WSUS infrastructure
  • VA for the Microsoft platform
  • Authoritative
  • Extensible

Page 7: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Goals

• Converge scanning on WSUS infrastructure by replacing current scan engine with Microsoft Update (MU)
• WSUS server and Internet connection optional
• Cover all security-related updates published to MU
• Consistency in reporting results with all tools that also leverage MU (WSUS, SMS, MOM, MBSA)
• Provide better detail and more actionable results in the report
• Partnering and redistribution

Page 8: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Redistribution

• MBSA 2.0 License Agreement to allow redistribution
• Improved ISV / 3rd party integration opportunities
• Microsoft may still change interfaces, schema, etc. at any time

Page 9: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Part 2: Feature Review

• Key Terms
• Scanning / Reporting
• Update Detection
• Additional Checks
• How it works

Page 10: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Key Terms

• Offline catalog – A copy of the detection catalog from the MU backend for use without a network
• AU – Automatic Updates; allows the desktop user to interact with the updating process
• WUA – Windows Update Agent; provides a published API and infrastructure to AU, MBSA, SMS and other API callers
• COM+ / DCOM – Interface used by the WUA API which provides ‘read only’ scanning from a remote computer and full functionality locally
• Personal firewall – A firewall can protect a computer from remote access of ports and interfaces

Page 11: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Scanning

• Flexible scanning sources
  • Microsoft Update site
  • Offline catalog
  • Assigned WSUS server
• Use multiple copies of MBSA 2.0
  • MBSA 1.2.x limited to a single instance
  • Can use MBSA 2.0 side-by-side with MBSA 1.2.1 during migration
• Input file of computers / IP addresses to be scanned
• Pass a username and password on the command line for an MBSA-style scan

Page 12: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Reporting

• Provide a "not yet approved" score for WSUS server administrators
• Current Update Compliance (history) appears in the report
• ‘Restart Required’ now shown in report
• Now offers XML output for all update scanning
  • MBSA 1.2.x had XML only for MBSA-style scans, not /HF scans
• Elimination of the blue asterisk ‘Note’ message for security updates
• Locate update packages, KB and bulletin directly
• Maximum bulletin severity and 3rd party related IDs

Page 13: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Update Detection

Security updates (today)
• Windows 2000 SP3 and later
• IIS 5.0 and later
• SQL Server 2000 / MSDE and later
• IE 5.01 SP3 and later
• Exchange 2000, 2003 and later
• Windows Media Player 6.4 and later
• Office XP, 2003 and later
• MSXML 2.5, 2.6, 3.0, 4.0
• MDAC 2.5, 2.6, 2.7, 2.8
• Microsoft Virtual Machine (JVM)

New platforms
• Remote only, updates only
  • XP Embedded
  • IA64
• Updates only
  • X64

Not immediately available
• SQL and Exchange service packs
• Office 2000 updates
• Commerce Server
• Content Mgt Server
• BizTalk
• Host Integration Server

Added security updates
• DirectX
• .NET Framework
• Windows Messenger
• FrontPage Server Extensions
• Windows Media Player 10
• Windows Script 5.1, 5.5, 5.6
• Windows Server 2003, 64-Bit Edition
• Windows XP 64-Bit Edition
• Windows XP Embedded Edition

Page 14: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Update Detection International Considerations

• MU and offline catalog contain all languages
• Regardless of client language, any report created by a given console will be in the language of that console
• Viewing a report in a different language console may cause the report to have text in both languages
• If localized update not synchronized to the WUS server, a WSUS-only scan will result in default strings regardless of client or console locale
  • Should be rare

Page 15: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Additional Checks

Incomplete Updates
• Updates packaged using update.exe v6.1 (and later) provide a registry key to indicate pending reboot
• MBSA will check this key and offer a non-critical warning
• Help topic for the check has details

Operating System Version
• Changed to report a critical warning (Red X) when scanning Windows NT due to the end of support for that Windows version

Page 16: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 How It Works

• Default Behavior
• MBSA 2.0 Process Animation
  • Agent Deployment
  • Scanning
• Superseded Updates

Page 17: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Default Scan Options

MBSA Scan (GUI and CLI) Use Same Options

• Run all checks, local computer
• Attempt to install WUA if needed
• Attempt to use WSUS server (if assigned)
• Attempt to configure / use MU
  • Use offline CAB if MU site not available
• Saved report will warn if MSI not present
• Informational grade for unapproved WSUS updates (if WSUS server assigned to client)
• Show a detailed report immediately after a single computer scan

Page 18: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Agent Deployment

1. Run MBSA on Admin system, specify targets
2. Verify latest CAB and compare agent version in CAB to WUA version
3. If low version go to #4, else scan normally (verify MU config)
4. Download agent components
5. Push agent, (register MU), then retry API

[Diagram labels: MBSA Console, Microsoft Update, Target Computer, WSUSSCAN.CAB, WindowsUpdateAgent20-X64.exe, WindowsUpdateAgent20-X86.exe]

Page 19: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Scanning

1. Run MBSA on Admin system, specify targets
2. Verify latest CAB ready
3. Try the WSUS server by default (if assigned)
4. Try the MU site (by default)
5. If MU not available push CAB to client
6. Use API with CAB file
7. If WSUS results & MU results, merge them
8. Use Info score for WSUS unapproved items

[Diagram labels: MBSA Console, Microsoft Update, WSUSSCAN.CAB, MU site, WSUS, Target Computer]
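
The source selection and result merge in steps 3 to 8 above, modelled as an added example (not MBSA's own code and not part of the original slides). It shows that an update missing from the host but not approved on the assigned WSUS server receives an informational score instead of a failure. Function names, grade strings and the sample update IDs are assumptions, as is the rule that the merge is keyed by update ID.

```python
"""Model of the default MBSA 2.0 scan flow (steps 3-8 of the scanning slide).

Added illustration, not MBSA code: every function name, grade string and
sample value below is hypothetical.
"""

FAIL = "fail"
INFO = "info (not yet approved on WSUS)"


def plan_sources(wsus_assigned, mu_reachable, ignore_wsus=False):
    """Return the update sources consulted, in the order the slide gives."""
    sources = []
    if wsus_assigned and not ignore_wsus:  # step 3; /wi ignores the WSUS config
        sources.append("WSUS")
    if mu_reachable:                       # step 4: Microsoft Update site
        sources.append("MU")
    else:                                  # steps 5-6: scan with the offline CAB
        sources.append("WSUSSCAN.CAB")
    return sources


def merge_results(catalog_missing, wsus_missing=None):
    """Merge per-source results into one graded report (steps 7-8).

    catalog_missing: update IDs the full catalog (MU site or offline CAB)
                     reports as not installed.
    wsus_missing:    update IDs the WSUS server reports as not installed
                     (approved updates only), or None if WSUS was not used.
    Assumption: an update reported only by the full catalog is one the WSUS
    administrator has not approved.
    """
    graded = {}
    for update_id in catalog_missing:
        if wsus_missing is not None and update_id not in wsus_missing:
            graded[update_id] = INFO
        else:
            graded[update_id] = FAIL
    for update_id in wsus_missing or ():
        graded.setdefault(update_id, FAIL)  # approved and still missing
    return graded


def scan(installed, catalog, wsus_approved=None, mu_reachable=True,
         ignore_wsus=False):
    """Run the modelled flow for one host and return (sources, graded)."""
    sources = plan_sources(wsus_approved is not None, mu_reachable, ignore_wsus)
    catalog_missing = set(catalog) - set(installed)
    wsus_missing = None
    if "WSUS" in sources:
        wsus_missing = set(wsus_approved) - set(installed)
    return sources, merge_results(catalog_missing, wsus_missing)


def unapproved_gaps(graded):
    """Updates absent from the host that were scored Info, not Fail."""
    return sorted(u for u, grade in graded.items() if grade == INFO)


if __name__ == "__main__":
    # Constructed sample: two placeholder updates, neither installed,
    # only the first approved on the host's WSUS server.
    catalog = ["EXAMPLE-001", "EXAMPLE-002"]
    sources, graded = scan(installed=[], catalog=catalog,
                           wsus_approved=["EXAMPLE-001"])
    print(sources)
    for update_id in sorted(graded):
        print(update_id, "->", graded[update_id])
    print("review despite Info score:", unapproved_gaps(graded))
```

When triaging reports from WSUS-managed hosts, the Info items are still updates missing from the machine; only their approval state differs.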

Page 20: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Superseded Updates

[Diagram: replacement relationships between updates. Row labels: Service Packs, Update Rollups, Security Updates. Items shown: Service Pack 3, Service Pack 2, Update Rollup #2, Update Rollup #1, MS04-039, MS04-011. Cases illustrated:
• Typical replacement relationship
• If only previous update is installed
• If a later update is not WSUS approved
• If previous and replacement updates installed]

Page 21: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Part 3: User Experience

• Command Line Interface (CLI)
  • New options
  • Changed options
• Graphical User Interface (GUI)
  • Scanning Options
  • Error Message Handling
  • Report Details

Page 22: Microsoft Baseline Security Analyzer 2.0 Beta Overview

New Options In MBSA 2.0

• /qt – Do not display the report output automatically after a single computer scan
• /nd – Do not download files from the Web site when scanning
• /nai – Do not attempt to install a newer version of WUA if one is required for scanning
• /nm – Do not configure clients to use the Microsoft Update site when scanning
• /wi – Ignore the WSUS configuration of the client computer

Page 23: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Options Changed In MBSA 2.0

• /wa replaces the /sus option
• /catalog replaces the /x option
• /xmlout replaces the /hf option
• /target replaces the /i, /c and /h options
• /listfile replaces the /fh and /fip options
• /ld replaces the /v option

Page 24: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 Scanning Options Page

Use the GUI options to control WUA updating and Microsoft Update service registration. Scanning with and without the Update Services approved update list can also be controlled.

Page 25: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Error Message Handling

• Many error messages made easily actionable
• ‘How to correct this’ link in report
  • Opens new guidance in main help file
• Main help and FAQ work in conjunction with error messages
• Web site FAQ topic enhanced over time

Page 26: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Report Details (non-compliance)

Notice the CVE data, severity, and download icon. Restart required, the new informational score, as well as KB links are now provided.

Page 27: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Report Details (compliance)

Reports now list the most current updates that are installed and not yet replaced by newer updates.

Page 28: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Part 4: System Requirements

• Windows Update Agent
• System Requirements

Page 29: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Windows Update Agent

What is it?
• Replacement update scanning engine for MBSA 2.0 and Automatic Updates, SMS, etc.
• Detection logic is now data-driven / extensible (and for Microsoft products only)
• Uses an offline catalog as well as an online site for scanning
• Future enhancements to the WUA engine allow MBSA 2.0 to “self-update” when needed

AU / WUA self-update
• Needs Internet connection or WSUS server
• Needs AU switched on in control panel and AU service running

Page 30: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA 2.0 System Requirements

Required services
• Computer being scanned locally
  • Workstation and Server service
  • Windows Installer 3.1 (for security update scans)
  • Windows Update Agent
• Computer that performs remote scans
  • Workstation service
  • Client for Microsoft Networks
  • Windows Update Agent
• Computer being remotely scanned
  • Server service
  • Remote registry service
  • File and Print Sharing
  • Windows Installer 3.1 (for security update scans)
  • Windows Update Agent

Page 31: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Requirements

• Internet Explorer 5.01 SP3 or above
• Windows 2000 SP3 and later
• XML parser (MSXML version 3.0 w/ latest SP)
• IIS Common Files (required on local machine when scanning remote IIS computers)
• Firewall ports
  • Port 80 (HTTP)
    • Outbound from scanning computer
    • Needed to download WSUSSCAN.CAB file
  • TCP 139, 445
    • Inbound to scanned computers
    • Needed to scan remote computers
  • DCOM (port 135) + new optionally configured port
• User must be running as local Administrator for scanning

Page 32: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Part 5: Migration Considerations

• Command Line Parity
• Concurrent scanning
• Scanning without full install
• Catalog version
• DCOM ports on Windows Firewall
• SQL multi-instance
• Reason messages

Page 33: Microsoft Baseline Security Analyzer 2.0 Beta Overview

MBSA Version CLI Option Parity

MBSA 1.2.x          MBSA 2.0
/hf /h or /hf /i    /target
/c or /i            /target
/hf /x              /catalog
/hf                 /xmlout or /n *
/sus                /wa
/hf /fip            /listfile
/hf /fh             /listfile
/v                  /ld

* = OS+IIS+SQL+Password

Page 34: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Concurrent Scanning

• Can run multiple instances of MBSA 2.0 at the same time
• Do not scan the same target computer from more than one scanning computer
  • Same limitation exists in MBSA 1.2.1
  • Password checks may collide
• MBSA 2.0 will ensure password checks happen safely if same target attempted by multiple instances on same scanning computer

Page 35: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Scanning Without Full Install

• MBSA 1.2.x /HF mode scanning was popular
  • Single file (mbsacli.exe)
• Use /xmlout switch for MBSA 2.0
  • Only needs WUA, mbsacli.exe and wusscan.dll (no COM registration)
  • Sends XML stream to console (stdout)
  • Local computer only
  • Other switches are limited in this mode

Page 36: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Catalog Version And Firewall Settings

Offline Catalog Version
• Offline catalog includes a date/time string for when it was created
• Generated automatically when an update category changes in the MU site
• WSUS server and MU site catalog do not have a version
• To ensure a catalog version string appears in all reports, use the /catalog option

DCOM ports on personal firewalls
• May need to obtain hotfix for 895200 (COM+ hotfix rollup 9)
  • Allows use of custom static port
  • Affects all Windows XP versions

Page 37: Microsoft Baseline Security Analyzer 2.0 Beta Overview

SQL Server Instances

SQL Multi-instance Behavior
• WUA scanning will check all SQL / MSDE instances
• After first vulnerable instance found, remaining instances are skipped
• Report shows product affected
SQL Multi-instance Solution
• Use details link in MBSA report to obtain the needed update
• Run the update package in ‘report mode’
  • This mode will show each SQL instance version to compare with the version of the needed update

Page 38: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Reason Messages

‘Why this update is considered missing’ Messages
• MBSA 1.x provided file names, versions, registry data, etc. to assist in troubleshooting
• MBSA 2.0 uses WUA
  • WUA uses different troubleshooting
  • Microsoft Knowledgebase articles 319109, 896069, 835399 and 842289 and Microsoft Update troubleshooting steps and client logs
MBSA 2.0 provides ‘restart required’ message at the update level in the scan report
• Covers any update installed using WUA
  • Automatic Updates, SMS, Microsoft Update, Windows Update, etc.

Page 39: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Review

Detection consistency, centered on Update Services
Features in MBSA 2.0 and what to expect
Important considerations in using this major version

Page 40: Microsoft Baseline Security Analyzer 2.0 Beta Overview

Beta Support Resources

Self-nominate using guidance from http://www.microsoft.com/mbsa
Posting Questions
• Beta.Microsoft.mbsa20.General newsgroup
Announcements
• Beta.Microsoft.mbsa20.Announcements newsgroup
News Server: betanews.microsoft.com.
All MBSA 2.0 beta users must utilize the services of BetaPlace for technical support
• To access Beta.Microsoft.com, go to http://beta.microsoft.com.
• Sign in using your Passport account
Do not post questions about MBSA 2.0 beta to the public newsgroups

Page 41: Microsoft Baseline Security Analyzer 2.0 Beta Overview

© 2005 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only.

MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.