This tool is the tool that audits the configuration of your security posture and advises you of vulnerabilities. The Microsoft Baseline Security Analyzer combines a graphical user interface with a command line interface to allow end users of Microsoft Windows to easily asses the security state of their machines and domain.
In the real world it would be used to take a snapshot of what the current security posture would be and then make suggestions about what should be changed and why. While this has some value it did not appear that this was anything but a cursory audit as it barely took a minute for the program to come up with the vulnerabilities.
The application is ridiculously easy to use, so much so that I found myself wondering if it was really doing anything at all. You start it and the next thing you know in a few seconds (so it seemed) it was giving me the results of the scan and also the recommendations. This application has been designed to meet the security needs of the home and domain end user. Because of this design it has earned a place on the local drive of home users and system administrators as a means of assessing known vulnerabilities of the Windows environment. Used in the home environment, this application presents an understandable, easy to follow process to securing the home computing environment.
Following in the footsteps of previously studied applications, the Microsoft Baseline
Security Analyzer was downloaded, installed, and executed on a host computer using Microsoft Windows. For this lab environment, the installation was conducted using Windows XP Service Pack Two, running within the confines of Virtualbox.15 The Virtualbox Windows installation was considered to be up to date at the time of the scan.
Three vulnerabilities found with Virtualbox installation of Windows XP SP2 included: unnecessary services, accessible shared resources, and improperly configured (according to Microsoft) Windows Firewall.
The first vulnerability of unnecessary services included the...