Solved

MS Baseline Security Analyzer Q

Posted on 2004-04-24
4
342 Views
Last Modified: 2013-12-04
How reliable is this?
Just ran it after not using it in a while.
Showed 4 Critical Updates missing, yet My Updates are "Up to date". It shows MS -008, 027, .030 and .051 are not installed.
Going to MS Security, it says there have been updates to the updates, (My words), and can be updated from "Windows Updates" which says I have no updates.
So, is this Baseline Analyzer for real or should I just uninstall and don't bother with it.
Pete
0
Comment
Question by:cfourkays
  • 2
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909803
It's more reliable (in my experience) than "windows update". While windows update does not DL the same XML file, it looks in ther registry for installed updates, windows update also does not offer all the DL's in the XML file used by the MBS. MBSA looks for practically every update that applies to your PC. It also looks at UserAccounts and simple password's- lax security settings etc... it's a nice tool. It is for real. http://www.microsoft.com/technet/security/tools/mbsaqa.mspx
I think the 6th question down is what your looking for....
-rich
0
 
LVL 2

Author Comment

by:cfourkays
ID: 10909915
OK, Rich, for discussion:
In all 4 of the failures, (and one was MS03-008, mentioned in Q #6), when I click on the file I'm directed to by the MBS, and go to the download, I get this:

"A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates." And visit the Protect your PC site to learn how to have the latest security updates delivered directly to your computer."

Now, as I've said, Windows Update says I'm clean, however, MBSA says.......^!
Now, who are we to believe. MS states that, one day, all will be the same but I haven't found anything in MBSA to  want to run in on any schedule.
I have my Office XP Updates on a schedule.
Any further thoughts?
You guys are the experts and I really appreciate comments and help.
Pete
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 50 total points
ID: 10912741
I've always used the MBSA to get the link to the DL's by clicking on the summary... be that as it may, sometimes updates do fail using windows update, however the registry entry is somtimes written even in failure, or it fails after the registry entry is entered. MBSA does a far more thorough check on your system.
http://www.geek.com/news/geeknews/2002apr/gee20020425011366.htm that was version 1.0 ... are you using 1.2?

I'd suggest DL'ing the patches that MBSA tells you to get, by hand. Look them up on M$.com and get them. If they are applied already, sometimes they'll tell you, other times the won't. I also seem to remember that in the earlier version of MBSA a "cumlitive patch", basically a small service pack, would install the patches, but elude MBSA detection. Again those were the old version. You may also try HFnetCHK... it is actually written by a 3rd party, M$ supports it though. ( http://www.shavlik.com/ )

If M$ was serious about patches and security, they certainly would make a better product, or buy some company that did. It's been pretty consistant for us, all PC's are identical hardware and made from ghost images.
-rich
0
 
LVL 2

Author Comment

by:cfourkays
ID: 10913369
You mention HFnetCHK, 3rd party but supported.
Guess who wrote MBSA:

Microsoft Baseline Security Analyzer
Version 1.2 (1.2.3316.1)
© 2002-2004 Microsoft Corporation. All rights reserved.
HFNetChk developed for Microsoft Corporation by Shavlik Technologies, LLC.
© 2002-2004 Shavlik Technologies, LLC.

In other words, MBSA is built by ^ !

Thanks for the info. Every update referred to by MBSA as needing updating has already been updated with a newer patch. The article in Geek more or less says to use both and than follow-up to make sure you have the latest.
It's like running Spybot and Ad-Aware. You run both to make sure you got everything.
I give MBSA a "Ho-Hum" and I'll give you the points just for responding.
Give it a last shot!
Pete



0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
A short film showing how OnPage and Connectwise integration works.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now