Solved

MS Baseline Security Analyzer Q

Posted on 2004-04-24
4
340 Views
Last Modified: 2013-12-04
How reliable is this?
Just ran it after not using it in a while.
Showed 4 Critical Updates missing, yet My Updates are "Up to date". It shows MS -008, 027, .030 and .051 are not installed.
Going to MS Security, it says there have been updates to the updates, (My words), and can be updated from "Windows Updates" which says I have no updates.
So, is this Baseline Analyzer for real or should I just uninstall and don't bother with it.
Pete
0
Comment
Question by:cfourkays
  • 2
  • 2
4 Comments
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10909803
It's more reliable (in my experience) than "windows update". While windows update does not DL the same XML file, it looks in ther registry for installed updates, windows update also does not offer all the DL's in the XML file used by the MBS. MBSA looks for practically every update that applies to your PC. It also looks at UserAccounts and simple password's- lax security settings etc... it's a nice tool. It is for real. http://www.microsoft.com/technet/security/tools/mbsaqa.mspx
I think the 6th question down is what your looking for....
-rich
0
 
LVL 2

Author Comment

by:cfourkays
ID: 10909915
OK, Rich, for discussion:
In all 4 of the failures, (and one was MS03-008, mentioned in Q #6), when I click on the file I'm directed to by the MBS, and go to the download, I get this:

"A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates." And visit the Protect your PC site to learn how to have the latest security updates delivered directly to your computer."

Now, as I've said, Windows Update says I'm clean, however, MBSA says.......^!
Now, who are we to believe. MS states that, one day, all will be the same but I haven't found anything in MBSA to  want to run in on any schedule.
I have my Office XP Updates on a schedule.
Any further thoughts?
You guys are the experts and I really appreciate comments and help.
Pete
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 50 total points
ID: 10912741
I've always used the MBSA to get the link to the DL's by clicking on the summary... be that as it may, sometimes updates do fail using windows update, however the registry entry is somtimes written even in failure, or it fails after the registry entry is entered. MBSA does a far more thorough check on your system.
http://www.geek.com/news/geeknews/2002apr/gee20020425011366.htm that was version 1.0 ... are you using 1.2?

I'd suggest DL'ing the patches that MBSA tells you to get, by hand. Look them up on M$.com and get them. If they are applied already, sometimes they'll tell you, other times the won't. I also seem to remember that in the earlier version of MBSA a "cumlitive patch", basically a small service pack, would install the patches, but elude MBSA detection. Again those were the old version. You may also try HFnetCHK... it is actually written by a 3rd party, M$ supports it though. ( http://www.shavlik.com/ )

If M$ was serious about patches and security, they certainly would make a better product, or buy some company that did. It's been pretty consistant for us, all PC's are identical hardware and made from ghost images.
-rich
0
 
LVL 2

Author Comment

by:cfourkays
ID: 10913369
You mention HFnetCHK, 3rd party but supported.
Guess who wrote MBSA:

Microsoft Baseline Security Analyzer
Version 1.2 (1.2.3316.1)
© 2002-2004 Microsoft Corporation. All rights reserved.
HFNetChk developed for Microsoft Corporation by Shavlik Technologies, LLC.
© 2002-2004 Shavlik Technologies, LLC.

In other words, MBSA is built by ^ !

Thanks for the info. Every update referred to by MBSA as needing updating has already been updated with a newer patch. The article in Geek more or less says to use both and than follow-up to make sure you have the latest.
It's like running Spybot and Ad-Aware. You run both to make sure you got everything.
I give MBSA a "Ho-Hum" and I'll give you the points just for responding.
Give it a last shot!
Pete



0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

There are several problems reported according slow link speeds or poor performance in TMG 2010, UAG 2010 or ISA 2006. I want to collect here some of the common issues together to give a brief overview what can be the reason. Nevertheless, not all of…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now