In an Aug. 27 Pings&Packets item, I found Microsofts free Network Security Hotfix Checker to be a useful tool for finding potential security holes and missing patches for Windows 2000 and NT server systems.
However, I wasnt impressed with the usability of the tool. When I ran the command-line utility against systems, it often returned long lists of potential holes and needed patches but almost no information as to the nature of the hole or the patch. The tool mainly returns a cryptic Microsoft knowledge base number, forcing users to spend hours searching Microsoft for the right patches and workarounds.
Helping to solve this problem is a free utility from Maximized Software called Hotfix Reporter. This simple tool runs the command-line Microsoft tool, then returns the results to a Web browser, providing links to knowledge base articles and security bulletins.
Microsofts Network Security Hotfix checker is actually made by Shavlik Technologies, which sells a full-featured version that includes improved reporting.
Hotfix Reporter is at www.maximized.com/freeware/hotfixreporter.
