?
Solved

MS Baseline Security Analyzer Q

Posted on 2004-04-24
4
Medium Priority
?
363 Views
Last Modified: 2013-12-04
How reliable is this?
Just ran it after not using it in a while.
Showed 4 Critical Updates missing, yet My Updates are "Up to date". It shows MS -008, 027, .030 and .051 are not installed.
Going to MS Security, it says there have been updates to the updates, (My words), and can be updated from "Windows Updates" which says I have no updates.
So, is this Baseline Analyzer for real or should I just uninstall and don't bother with it.
Pete
0
Comment
Question by:cfourkays
  • 2
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909803
It's more reliable (in my experience) than "windows update". While windows update does not DL the same XML file, it looks in ther registry for installed updates, windows update also does not offer all the DL's in the XML file used by the MBS. MBSA looks for practically every update that applies to your PC. It also looks at UserAccounts and simple password's- lax security settings etc... it's a nice tool. It is for real. http://www.microsoft.com/technet/security/tools/mbsaqa.mspx
I think the 6th question down is what your looking for....
-rich
0
 
LVL 2

Author Comment

by:cfourkays
ID: 10909915
OK, Rich, for discussion:
In all 4 of the failures, (and one was MS03-008, mentioned in Q #6), when I click on the file I'm directed to by the MBS, and go to the download, I get this:

"A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates." And visit the Protect your PC site to learn how to have the latest security updates delivered directly to your computer."

Now, as I've said, Windows Update says I'm clean, however, MBSA says.......^!
Now, who are we to believe. MS states that, one day, all will be the same but I haven't found anything in MBSA to  want to run in on any schedule.
I have my Office XP Updates on a schedule.
Any further thoughts?
You guys are the experts and I really appreciate comments and help.
Pete
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 200 total points
ID: 10912741
I've always used the MBSA to get the link to the DL's by clicking on the summary... be that as it may, sometimes updates do fail using windows update, however the registry entry is somtimes written even in failure, or it fails after the registry entry is entered. MBSA does a far more thorough check on your system.
http://www.geek.com/news/geeknews/2002apr/gee20020425011366.htm that was version 1.0 ... are you using 1.2?

I'd suggest DL'ing the patches that MBSA tells you to get, by hand. Look them up on M$.com and get them. If they are applied already, sometimes they'll tell you, other times the won't. I also seem to remember that in the earlier version of MBSA a "cumlitive patch", basically a small service pack, would install the patches, but elude MBSA detection. Again those were the old version. You may also try HFnetCHK... it is actually written by a 3rd party, M$ supports it though. ( http://www.shavlik.com/ )

If M$ was serious about patches and security, they certainly would make a better product, or buy some company that did. It's been pretty consistant for us, all PC's are identical hardware and made from ghost images.
-rich
0
 
LVL 2

Author Comment

by:cfourkays
ID: 10913369
You mention HFnetCHK, 3rd party but supported.
Guess who wrote MBSA:

Microsoft Baseline Security Analyzer
Version 1.2 (1.2.3316.1)
© 2002-2004 Microsoft Corporation. All rights reserved.
HFNetChk developed for Microsoft Corporation by Shavlik Technologies, LLC.
© 2002-2004 Shavlik Technologies, LLC.

In other words, MBSA is built by ^ !

Thanks for the info. Every update referred to by MBSA as needing updating has already been updated with a newer patch. The article in Geek more or less says to use both and than follow-up to make sure you have the latest.
It's like running Spybot and Ad-Aware. You run both to make sure you got everything.
I give MBSA a "Ho-Hum" and I'll give you the points just for responding.
Give it a last shot!
Pete



0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses
Course of the Month17 days, 8 hours left to enroll

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question