MBSA - Microsoft Baseline Security Analyzer announcements
-
Link
This forum is for the Microsoft Baseline Security Analyzer security tool (www.microsoft.com/mbsa). No other security questions can be answered in this forum.
Welcome to the updated MBSA TechNet forum to discuss the free Microsoft Baseline Security Analyzer security scan tool.
As a security scan tool based on Microsoft Update, the behavior and results of MBSA are the same as Microsoft Update (not Windows Update that only detects updates for Windows products). With the exception of WSUS-managed machines where the administrator's approved updates take precedence, MBSA will report exactly what Microsoft Update will report. Like Systems Management Server (SMS), System Center Configuration Manager (SCCM), WSUS Server, MBSA uses the exact same logic and mechanisms as Microsoft Update to determine update applicability and installed state.
As a security scan tool, MBSA reports against three classifications of updates: Security Updates, Update Rollups and Service Packs. Critical (non-security) Updates, Definition Updates and Feature Packs and drivers are not detected by MBSA.
The majority of issues reported by MBSA users stem from an expected update not being displayed - which is often because the update is not an MSRC security bulletin listed in the Security Bulletin Search (http://www.microsoft.com/technet/security/current.aspx) or is not an update rollup (like a new version of Internet Explorer) or a Service Pack.
Almost all issues can be easily resolved by reviewing the error message displayed by MBSA, reviewing the System Requirements within the MBSA Help file (installed with MBSA) or the online MBSA Q&A (FAQ) located here: http://technet.microsoft.com/en-us/security/cc184922.
The latest MBSA news and information can be found at www.microsoft.com/mbsa and in the MBSA Q&A (FAQ).
Microsoft Advanced Threat Analytics announcements
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
-
3 VotesCVE-2019-1161 | Microsoft Defender Elevation of Privilege Vulnerability
Hi everyone, Our Nessus scanner detected the following vulnerability : Description <section> The version ...Unanswered | 8 Replies | 1734 Views | Created by Lucas092 - Wednesday, August 28, 2019 1:36 PM | Last reply by Lucas092 - 2 hours 36 minutes ago
-
0 Votes
ATA Update available but not showing on Windows Update
Hello, My ATA Center tells me there is an update available and I can use Microsoft Update to download and install it. My current version is 1.9.7312.32791 and the ...Unanswered | 1 Replies | 24 Views | Created by netdiag - 21 hours 53 minutes ago | Last reply by Eli Ofek - 18 hours 48 minutes ago -
0 Votes
Kerberoasting a Honeytoken - Suspicious Activity Raised?
If an attacker requests a service ticket for a Honeytoken account (not attempting a logon, just asking for a service ticket) should that generate a suspicious activity?Unanswered | 4 Replies | 174 Views | Created by H Kelley - Thursday, August 29, 2019 7:52 PM | Last reply by H Kelley - Friday, September 13, 2019 1:00 PM -
0 Votes
MBSA no longer supported - stop asking questions about it - here is an alternate solution
" & update.Title Next WScript.Quit Now open up an elevated command prompt and change to the ... -
0 Votes
Enabling log monitoring & setting up using SIEM.
Hi there, I am planning on setting more logging options using SIEM tool. I found a document in one of the Microsoft websites sometime ago which explains about enabling ...Answered | 3 Replies | 154 Views | Created by mywindows - Wednesday, September 4, 2019 4:44 PM | Last reply by mywindows - Wednesday, September 11, 2019 6:56 PM -
0 Votes
Forwarding events still usable?
Hi there, we've just enabled event-forwarding for our ATA deployment (version 1.9.7478.57683). It looks like the events are not processed since there are no ...Answered | 1 Replies | 81 Views | Created by m.glende - Wednesday, September 11, 2019 2:51 PM | Last reply by Eli Ofek - Wednesday, September 11, 2019 6:36 PM -
0 Votes
Deja Blue - New Security Hole
Hi, Guys. Any information regarding new security hole named DejaBlue and how to address it? (i.e. latest patches released)? What is its corresponding CVE ...Unanswered | 1 Replies | 256 Views | Created by Mr_Wayne - Thursday, August 15, 2019 5:04 AM | Last reply by duncan320 - Wednesday, September 11, 2019 3:56 PM -
0 Votes
Issue in accessing MSRC Developer link
When I tried to access msrc developer page link, I am getting sign in page but after signing in, I get an error saying developer API is currently unavailable. It was working fine few days back. What ...Unanswered | 0 Replies | 63 Views | Created by Asha Sebastian - Wednesday, September 11, 2019 11:17 AM -
0 Votes
The right management for Zero-Day Vulnerabilities.
Hello Community The following vulnerabilities mentioned below, were flagged by Qualys as a Zero day (published 04222019), no CVE available ...Unanswered | 4 Replies | 178 Views | Created by yazzsoza - Monday, September 9, 2019 10:44 PM | Last reply by GordonVA - Tuesday, September 10, 2019 2:09 PM -
0 Votes
WINDOWS 10 SERVICES, START NAME UNAVAILABLE, USERDATA STORAGE_1116fec UNISTACKSVCGROUP
CAN ANYONE IDENTIFY THESE SERVICES RUNNING ON MY WINDOWS TEN PRO: THE START NAME SAYS NOT AVAILABLE AND THE SERVICE TYPE IS UNKNOWN AND THEY WILL NOT ALLOW ...Unanswered | 1 Replies | 137 Views | Created by XRTWE8127 - Saturday, September 7, 2019 12:54 AM | Last reply by Andy Liu50 - Monday, September 9, 2019 2:03 AM -
0 Votes
Group Policy Drive Mappings taking 70 seconds
Hello, I'm having an issue with one of the staff where i work, where the Drive mappings from group policy take 70 seconds. I've checked the event viewer of the ...Unanswered | 1 Replies | 105 Views | Created by Blackholden99 - Thursday, September 5, 2019 10:16 AM | Last reply by Andy Liu50 - Friday, September 6, 2019 1:14 AM -
0 Votes
KB4512506 install failed
Hi, I have one windows server 2008r2.When I install KB4512506,it display:Installer encountered an error:0x800b0109,A certificate chain processed, but ended in a root certificate ...Unanswered | 2 Replies | 176 Views | Created by ZhangGguoguo - Monday, September 2, 2019 2:30 AM | Last reply by biggE408 - Thursday, September 5, 2019 7:20 PM -
0 Votes
Understand impact of Windows Server 2012 security update
Hi, I am seeking inputs on understanding impact of security updates to Windows Server 2012. I ran through a Windows Server 2012 and there were couple of windows ... -
0 Votes
Backdoor.Gonymdos -- PC Running ICECAST and BUTT attacked for the third time with Norton Anti-Virus and Malwarebytes Installed
According to Norton Anti-Virus the audio streaming PC, with only ports 80 and 8000 not blocked, was infected by Backdoor.Gonymdos which, according to the literature, allows other malware to set up ... -
0 Votes
SAMRi10 - SAMR calls on Windows 10 logoff
We are looking into activating the GPO setting "Restrict clients allowed to make remote calls SAM" to prevent recon attacks on our domain controllers. ...Unanswered | 2 Replies | 145 Views | Created by Ad_min - Wednesday, September 4, 2019 10:32 AM | Last reply by Ad_min - Thursday, September 5, 2019 6:58 AM -
0 Votes
Need a clean way to distinctly identify between RDP and TS sessions.
We are using Win32 APIs ProcessIdToSessionId and GetSystemMetrics(SM_REMOTESESSION) to identify whether the session is remote or local. But we currently don’t have a clean way ...Unanswered | 1 Replies | 119 Views | Created by Phoon_2010 - Wednesday, September 4, 2019 9:43 AM | Last reply by Andy Liu50 - Thursday, September 5, 2019 12:30 AM -
0 Votes
ATA - Event ID 7031 - The MS ATA Gateway service terminated unexpectedly (only on 2016 servers).
ATA Version 1.9.7478.57683 This is only happening on our Server 2016 boxes (2012 R2 boxes are fine) where the service restarts on Monday's at 2:45 PM ONLY. We ...Unanswered | 1 Replies | 128 Views | Created by Spd-demon - Tuesday, September 3, 2019 7:05 PM | Last reply by Eli Ofek - Tuesday, September 3, 2019 7:56 PM -
0 Votes
Is there a way synchronize historical event log into ATA?
So we just reinstalled our DCs for some reason, but we kept the old dc server instances, so did the event logs. Since "The ATA Center requires a recommended ...Unanswered | 1 Replies | 117 Views | Created by uihih - Tuesday, September 3, 2019 1:38 PM | Last reply by Eli Ofek - Tuesday, September 3, 2019 3:12 PM -
0 Votes
Sensitive Group change information
Hi all is some how possible to send immediately mail when some of sensitive group are changed? Now we get this info only in summarize ...Unanswered | 3 Replies | 165 Views | Created by KONIKPK - Tuesday, August 27, 2019 8:25 AM | Last reply by Ohad Plotnik-Aorato - Tuesday, September 3, 2019 12:33 PM -
0 Votes
Malware
Anybody with Idea about SETO file extensmion. All my files turned into SETO extension, is this a malware? Please help if you know how to fix ...Unanswered | 4 Replies | 426 Views | Created by Dennis Epson - Monday, September 2, 2019 1:05 PM | Last reply by Udara Kaushalya - Tuesday, September 3, 2019 12:59 AM - Items 1 to 20 of 2907 Next ›
MBSA - Microsoft Baseline Security Analyzer announcements
-
Link
This forum is for the Microsoft Baseline Security Analyzer security tool (www.microsoft.com/mbsa). No other security questions can be answered in this forum.
Welcome to the updated MBSA TechNet forum to discuss the free Microsoft Baseline Security Analyzer security scan tool.
As a security scan tool based on Microsoft Update, the behavior and results of MBSA are the same as Microsoft Update (not Windows Update that only detects updates for Windows products). With the exception of WSUS-managed machines where the administrator's approved updates take precedence, MBSA will report exactly what Microsoft Update will report. Like Systems Management Server (SMS), System Center Configuration Manager (SCCM), WSUS Server, MBSA uses the exact same logic and mechanisms as Microsoft Update to determine update applicability and installed state.
As a security scan tool, MBSA reports against three classifications of updates: Security Updates, Update Rollups and Service Packs. Critical (non-security) Updates, Definition Updates and Feature Packs and drivers are not detected by MBSA.
The majority of issues reported by MBSA users stem from an expected update not being displayed - which is often because the update is not an MSRC security bulletin listed in the Security Bulletin Search (http://www.microsoft.com/technet/security/current.aspx) or is not an update rollup (like a new version of Internet Explorer) or a Service Pack.
Almost all issues can be easily resolved by reviewing the error message displayed by MBSA, reviewing the System Requirements within the MBSA Help file (installed with MBSA) or the online MBSA Q&A (FAQ) located here: http://technet.microsoft.com/en-us/security/cc184922.
The latest MBSA news and information can be found at www.microsoft.com/mbsa and in the MBSA Q&A (FAQ).
Microsoft Advanced Threat Analytics announcements
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
