Microsoft Baseline Security Analyzer - 26 Feb 2002

Microsoft recently demonstrated a new tool at the RSA Security Conference. The tool, Microsoft Baseline Security Analyzer (MBSA), isn't available yet, but a spokesperson at the conference said the tool inspects a PC to determine whether any patches are missing and whether the system is configured correctly.

I don't know when the tool will be available, and I didn't find any data about MBSA on Microsoft's TechNet Web site. The tool sounds remarkably similar to Microsoft's HFNetChk tool, with the added ability to check configurations. As I mentioned in "Updated Security Tools" in a previous Security UPDATE, Shavlik Technologies worked with Microsoft to develop HFNetChk, and Shavlik recently released HFNetChk Pro, which goes well beyond the capabilities of HFNetChk.

Computerworld reported that the release of MBSA might mean Microsoft is inching into the security test-tool market. If nothing else, the move to release MBSA draws a distinction between Shavlik's HFNetChk Pro tool and Microsoft's less-capable HFNetChk by adding an ability to check specific configuration settings, but at the same time introduces some confusion about the amount of overlap between MBSA and the current HFNetChk tool. I'll let you know when I find out more about MBSA and its impending release to the public.

We're conducting a new poll this week: How would you feel about Microsoft entering the security test-tool market—would you rely on Microsoft's tools to test the security of your systems and network? Stop by the Security Administrator Web site and give us your answer.

Microsoft Senior Vice President and Chief Technical Officer of Advanced Strategies and Policy Craig Mundie recently conducted an interview with Microsoft's in-house PressPass staff. The interview is online at the company's Web site and helps explain how Microsoft is steering its "Trustworthy Computing" campaign. Part of the campaign's goal is to help Microsoft users realize that security is about more than systems and network configuration—it also entails privacy, availability, reliability, integrity, and other aspects related to computer use.

One interesting comment in the interview relates to how the recent terrorist attacks on America caused Microsoft to take a closer look at the security of its products, especially because security vulnerabilities in Microsoft's code, by the company's own admission, could cost people's lives in certain instances. Microsoft said in the weeks leading up to the Visual .NET Studio launch, the company required its team of project developers to perform an in-depth code review. The team targeted the review specifically at security concerns. As a result, the company made significant changes to the product before its release, without missing its projected release deadline. Now if the company had only had that attitude when it released Windows XP ...

Maybe Microsoft's refocus on security matters will result in more secure products right out of the box, especially given the memo from Microsoft Chairman and Chief Software Architect Bill Gates informing employees to place security at the top of their agenda and thought processes. If the new security focus helps, we'll either have to buy licenses to Microsoft's .NET technology to find out, or watch to see what attackers discover when the technology becomes more widely used. You can read the interview with Craig Mundie on Microsoft's Web site.

One final note: Microsoft released a new document that helps users understand how to better secure their "always-on" DSL and cable modem connections by configuring and using XP's built-in Internet Connection Firewall. The paper, which you can read on Microsoft's Web site, also points to several other sites that help users learn about third-party firewalls. Noticeably missing from Microsoft's list of Web resources is our own Windows & .NET Magazine. In any case, we've discussed and reviewed many firewall products—both enterprise and personal—and we even have a buyer's guide online. You can find the information and reports we published by searching our Security Administrator Web site using the keyword "firewall."
