How does mbsa check passwords

Sure, you can use automatic installation scripts, but there needs to be a way to confirm that the script has actually done its job.

This is where the Microsoft Baseline Security Analyzer comes in. What is the Microsoft Baseline Security Analyzer? What makes this utility unique is that it is dynamic. As Microsoft releases additional security updates and recommendations, the utility is automatically made aware of those updates through the Internet. After the tests are run, a comprehensive report is generated for each PC. This report contains detailed information about any specific security problems that were found on that individual machine, along with specific instructions on how to fix these problems.

What gets tested? Although not completely comprehensive, the MBSA performs a wide variety of tests on your computers. On the screen that allows you to choose what tests should be run, the password test is actually listed separately from the Windows vulnerability tests.

The reason for this is that if you have machines that have many user accounts on them, the password test can take a long time to complete. The password test begins by checking for short or blank passwords. Another Windows vulnerability check that MBSA performs is to see which users are members of the local administrators' group.

If more than two users are members of this group, then MBSA flags the user as a security risk. MBSA also performs an auto-logon test. The auto-logon feature stores a username and password in the registry for the purpose of automatically logging on to the system on power up. If the auto-logon feature is enabled, and the password is stored in clear text, then MBSA flags it as a severe vulnerability.

If the auto-logon feature is used, but the password is encrypted, then the machine is flagged as having a potential vulnerability. A window will display when the installation has been successfully completed. Click OK. Click Scan a computer. Leave all options set to default and click Start Scan. MBSA will download the list of latest security catalogue from Microsoft and begin the scan. Once the scan is complete, the scan results are shown in an organized report with several sections. Each section may require you to take different actions in order to remediate any problems that have been detected.

On the left you will see a column labeled Score. Scan this list for any Red Xs. A red X represents an item that needs to be fixed. Security Update Checks The Security Updates section determines which available service packs and security updates for predetermined MS products match the state of your computer. Windows Checks The Windows and Desktop Applications check determines if your current configuration leaves your computer vulnerable to easy attacks. Analyzing the Scan For each vulnerability, MBSA provides additional details about the scan via the What was scanned link, the Result details link, and the How to correct this link.

The screen shot below displays the window that appears after you click on the Result details link. So, my question Does anyone know how many attempts MBSA makes?

Popular Topics in General Windows. Spiceworks Help Desk. The help desk software for IT. Track users' IT needs, easily, and with only the features you need.

Learn More ». Project Security Issues Completed Project Tasks Project Challenges Lessons Learned Evaluated by Jamaal Green Evaluated by Angela Richardson Our project team will check certain settings to determine. If enabled,. Automatic updates will be checked to identify whether the feature is enabled and if so, how it is.

It should be configured to best fit the security needs of the host. Guest Account check. It may be enabled and. The Firewall will be. The resulting security scan report will be analyzed for critical issues,. The critical scans will be addressed and. Non-critical issues and best practices will be reviewed the. The MBSA 2.