Microsoft has created a new tool, the Microsoft Baseline Security Analyzer (MBSA), to analyze Windows systems for common security misconfigurations. Version 1.0 of MBSA includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows 2000 and Windows XP systems and will scan for missing hotfixes and vulnerabilities in the following products: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer (IE) 5.01 and later, and Office 2000 and XP.
MBSA uses a version of HFNetChk to scan for missing hotfixes and service packs for Windows, IIS, and SQL. MBSA will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. Download Microsoft Baseline Security Analyzer 1.0 For more information visit Microsoft Technet