Real Geek Forums > Archives > Operating Systems > Windows XP > Windows XP Security & Administration > MBSA

MBSA

Posted: 08-07-2003, 11:39 AM
Robin Ferris
Guest
Posts: n/a
 
Hi

I have just run the MBSA against a machine we are
creating out standard desktop image from. For the
purposes of this exercise we have a user with admin
rights with a blank password. This is for development
puposes only and will be being removed so chill out on
that one.

However the MBSA did not pick up on the fact that it was
balnk and actually said "No user accounts have blank or
simple passwords", I was ali ttle surprised by this and
thankfull I was only using the hfnetchk part of the MBSA.

Any ideas why this feature did not work?

Thanks

Robin
Reply With Quote

Responses to "MBSA"

boot
Guest
Posts: n/a
 
MBSA
Posted: 12-04-2003, 03:39 AM

I ran The MBAS and It can up with this. I have all the
Windows update and the windows update don't say that I
need anything can someone at Microsoft help me . the last
4 the program says yhat it cant verify if they are
installed


MS03-021 Flaw In Windows Media Player May Allow Media
Library Access (819639) File C:\WINDOWS\system32\wmp.dll
has a file version [9.0.0.3075] that is greater than what
is expected [9.0.0.3008

MS02-055 Unchecked Buffer in Windows Help Facility Could
Enable Code Execution (Q323255) File C:\WINDOWS\system32
\hhctrl.ocx has a file version [5.2.3735.0] that is
greater than what is expected [5.2.3669.0].
MS03-023 Buffer Overrun In HTML Converter Could Allow
Code Execution (823559) File C:\Program Files\Common
Files\Microsoft Shared\TextConv\msconv97.dll has a file
version [2003.1100.5510.0] that is greater than what is
expected [2003.1100.5426.0].


MS02-008 XMLHTTP Control Can Allow Access to Local Files
Please refer to Q306460 for a detailed explanation.
MS03-008 Flaw in Windows Script Engine could allow code
execution (814078) Please refer to Q306460 for a detailed
explanation.
MS03-030 Unchecked Buffer in DirectX Could Enable System
Compromise (819696) Please refer to Q306460 for a detailed
explanation.
MS03-051 Buffer Overrun in Microsoft FrontPage Server
Extensions Could Allow Code Execution (813360) Please
refer to Q306460 for a detailed explanation.

Reply With Quote
Roger Abell
Guest
Posts: n/a
 
Re: MBSA
Posted: 12-04-2003, 07:17 AM
In general, a higher version usually means that an installer
has updated that product beyond the level of the last patch
released as a critical security update.

For the others, if it tells you the patch is missing you
should install it, but if you are only being given the info
warning, you should follow up using the provided
reference. Where it says to see 876543 visit
support.microsoft.com/?id=876543 in the browser.
You can also refer to Add/Remove to see if the KB
article number is listed, or look at the uninstall folders
at the root of the Windows directory. Finding it in
Add/Remove or that there is an uninstall directory
is not a guarantee that the install was successful or
that is had not been regressed.

--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"boot" <anonymous@discussions.microsoft.com> wrote in message
news:04e201c3ba18$29dbfbd0$a501280a@phx.gbl...
>
> I ran The MBAS and It can up with this. I have all the
> Windows update and the windows update don't say that I
> need anything can someone at Microsoft help me . the last
> 4 the program says yhat it cant verify if they are
> installed
>
>
> MS03-021 Flaw In Windows Media Player May Allow Media
> Library Access (819639) File C:\WINDOWS\system32\wmp.dll
> has a file version [9.0.0.3075] that is greater than what
> is expected [9.0.0.3008
>
> MS02-055 Unchecked Buffer in Windows Help Facility Could
> Enable Code Execution (Q323255) File C:\WINDOWS\system32
> \hhctrl.ocx has a file version [5.2.3735.0] that is
> greater than what is expected [5.2.3669.0].
> MS03-023 Buffer Overrun In HTML Converter Could Allow
> Code Execution (823559) File C:\Program Files\Common
> Files\Microsoft Shared\TextConv\msconv97.dll has a file
> version [2003.1100.5510.0] that is greater than what is
> expected [2003.1100.5426.0].
>
>
> MS02-008 XMLHTTP Control Can Allow Access to Local Files
> Please refer to Q306460 for a detailed explanation.
> MS03-008 Flaw in Windows Script Engine could allow code
> execution (814078) Please refer to Q306460 for a detailed
> explanation.
> MS03-030 Unchecked Buffer in DirectX Could Enable System
> Compromise (819696) Please refer to Q306460 for a detailed
> explanation.
> MS03-051 Buffer Overrun in Microsoft FrontPage Server
> Extensions Could Allow Code Execution (813360) Please
> refer to Q306460 for a detailed explanation.
>

Reply With Quote
JW
Guest
Posts: n/a
 
MBSA
Posted: 02-03-2004, 08:56 PM
Thanks Wes, I found enough to feel pretty secure with
MS's firewall for now.

JW
Reply With Quote
Wesley Vogel
Guest
Posts: n/a
 
Re: MBSA
Posted: 02-03-2004, 09:31 PM
JW;
If you're referring to me, you're welcome.
If not, you're still welcome.

Please post back to the original thread, so people know
who/what you're talking about.

--
Hope this helps. Let us know.
Wes

In news:9bad01c3ea98$4389d1a0$a601280a@phx.gbl,
JW <JW@discussions.microsoft.com> hunted and pecked:
> Thanks Wes, I found enough to feel pretty secure with
> MS's firewall for now.
>
> JW
Reply With Quote
Chuck
Guest
Posts: n/a
 
MBSA
Posted: 02-06-2004, 09:00 PM
Can MBSA be installed on XP Home
Reply With Quote
Steven Umbach
Guest
Posts: n/a
 
Re: MBSA
Posted: 02-06-2004, 11:07 PM
I have not tried it, but the website says XP. Go ahead and try it. It worked for
the guy in the link below. --- Steve

http://www.woodyswatch.com/winxp/archtemplate.asp?2-n15


"Chuck" <anonymous@discussions.microsoft.com> wrote in message
news:b41601c3ecf4$4e4d9af0$a101280a@phx.gbl...
> Can MBSA be installed on XP Home

Reply With Quote
Will Harvey
Guest
Posts: n/a
 
MBSA
Posted: 04-16-2004, 04:39 AM
The program couldn't confirm updates MS03-008, MS03-030,
or MS03-051. I have installed these manually, and they
are still not confirmed. What could be the problem.?
Reply With Quote
Rich
Guest
Posts: n/a
 
RE: MBSA
Posted: 04-16-2004, 07:36 AM
You might want to try the Office Discussion group and join in the Outlook Discussion Board at the lin
below: (yeah--it should be all on one line in the explorer bar

http://www.microsoft.com/office/comm...64-91038e3eb1e

When you get into the Microsoft Office Discussion area, you want to choose Outlook and then
sub-area---probably outlook general discussion

It has been helpful on my outlook questions

Good Luc


Reply With Quote
 
LinkBack Thread Tools Display Modes
Reply

« program access for users | password protect folders »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
MBSA revisited - XP Gold??? James Windows XP Embedded 1 09-13-2003 04:05 AM
MBSA - Microsoft Baseline Security Analyzer for XPe? James Windows XP Embedded 3 09-10-2003 02:57 AM


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90