Microsoft Baseline Security Analyzer (MBSA) is a free security and vulnerability assessment (VA) scan tool for IT professionals, administrators and security auditors to improve security management process and assess or determine security state in accordance with Microsoft security recommendations and offers specific remediation guidance.

Microsoft Baseline Security Analyzer can detect common security misconfigurations (also called Vulnerability Assessment checks) using a known list of less secure settings and configurations for all versions of Windows, Internet Information Server (IIS) 5.0, 6.0 and 6.1, SQL Server 2000 and 2005, Internet Explorer (IE) 5.01 and later, and Office 2000, 2002 and 2003 only. MBSA can also identify missing security updates, rollups and service packs that delivered through Microsoft Update (Windows Update) technologies on computer systems. MBSA includes a graphical and command line interface that can perform local or remote scans of Microsoft Windows systems.

MBSA will not scan or report missing non-security updates, tools or drivers.

Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer version 2.1.1 builds adds support for Windows 7 and Windows Server 2008 R2, and has improved on SQL Server 2005 checks, in addition to adding support for the latest Windows Update Agent (WUA) and Microsoft Update technologies.

MBSA 2.1.1 runs on Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP and Windows 2000 systems. It’s available for English (EN), German (DE), French (FR) and Japanese (JA) on x86 (32-bit) or x64 (64-bit) platforms.

Download Microsoft Baseline Security Analyzer from Microsoft Download Center.