Microsofts Baseline Security Advisor, released last week, is mainly an interface shell for its command-line HFNet-Check tool, but its one that provides lots of extra information and usability for companies scanning Windows systems and applications for security holes and missing patches.
Using the free Baseline Security Advisor, eWeek Labs was able to quickly scan single PCs or groups of systems for potential vulnerabilities. After completing a scan, the tool listed all the tests it performed and marked with red Xs or yellow checkmarks the vulnerabilities requiring immediate attention. Next to each problem, we could get additional information or open a page containing links to patches and fixes (see screen, above).
In addition to scanning Windows XP, 2000 and NT, the Baseline Security Advisor scans Internet Information Services, Microsofts SQL Server and Internet Explorer, as well as Microsoft applications such as Office.
The system performing the scans needs to have administrator access to all systems being scanned. One problem we ran into while scanning groups of systems was that if the tool ran into a problem with one system, it would cancel the test rather than skip the problem system.
The Baseline Security Advisor can be downloaded at www.microsoft. com/security.