• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

MS Baseline Security Analyzer Q

How reliable is this?
Just ran it after not using it in a while.
Showed 4 Critical Updates missing, yet My Updates are "Up to date". It shows MS -008, 027, .030 and .051 are not installed.
Going to MS Security, it says there have been updates to the updates, (My words), and can be updated from "Windows Updates" which says I have no updates.
So, is this Baseline Analyzer for real or should I just uninstall and don't bother with it.
Pete
0
cfourkays
Asked:
cfourkays
  • 2
  • 2
1 Solution
 
Rich RumbleSecurity SamuraiCommented:
It's more reliable (in my experience) than "windows update". While windows update does not DL the same XML file, it looks in ther registry for installed updates, windows update also does not offer all the DL's in the XML file used by the MBS. MBSA looks for practically every update that applies to your PC. It also looks at UserAccounts and simple password's- lax security settings etc... it's a nice tool. It is for real. http://www.microsoft.com/technet/security/tools/mbsaqa.mspx
I think the 6th question down is what your looking for....
-rich
0
 
cfourkaysAuthor Commented:
OK, Rich, for discussion:
In all 4 of the failures, (and one was MS03-008, mentioned in Q #6), when I click on the file I'm directed to by the MBS, and go to the download, I get this:

"A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates." And visit the Protect your PC site to learn how to have the latest security updates delivered directly to your computer."

Now, as I've said, Windows Update says I'm clean, however, MBSA says.......^!
Now, who are we to believe. MS states that, one day, all will be the same but I haven't found anything in MBSA to  want to run in on any schedule.
I have my Office XP Updates on a schedule.
Any further thoughts?
You guys are the experts and I really appreciate comments and help.
Pete
0
 
Rich RumbleSecurity SamuraiCommented:
I've always used the MBSA to get the link to the DL's by clicking on the summary... be that as it may, sometimes updates do fail using windows update, however the registry entry is somtimes written even in failure, or it fails after the registry entry is entered. MBSA does a far more thorough check on your system.
http://www.geek.com/news/geeknews/2002apr/gee20020425011366.htm that was version 1.0 ... are you using 1.2?

I'd suggest DL'ing the patches that MBSA tells you to get, by hand. Look them up on M$.com and get them. If they are applied already, sometimes they'll tell you, other times the won't. I also seem to remember that in the earlier version of MBSA a "cumlitive patch", basically a small service pack, would install the patches, but elude MBSA detection. Again those were the old version. You may also try HFnetCHK... it is actually written by a 3rd party, M$ supports it though. ( http://www.shavlik.com/ )

If M$ was serious about patches and security, they certainly would make a better product, or buy some company that did. It's been pretty consistant for us, all PC's are identical hardware and made from ghost images.
-rich
0
 
cfourkaysAuthor Commented:
You mention HFnetCHK, 3rd party but supported.
Guess who wrote MBSA:

Microsoft Baseline Security Analyzer
Version 1.2 (1.2.3316.1)
© 2002-2004 Microsoft Corporation. All rights reserved.
HFNetChk developed for Microsoft Corporation by Shavlik Technologies, LLC.
© 2002-2004 Shavlik Technologies, LLC.

In other words, MBSA is built by ^ !

Thanks for the info. Every update referred to by MBSA as needing updating has already been updated with a newer patch. The article in Geek more or less says to use both and than follow-up to make sure you have the latest.
It's like running Spybot and Ad-Aware. You run both to make sure you got everything.
I give MBSA a "Ho-Hum" and I'll give you the points just for responding.
Give it a last shot!
Pete



0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now