MBSA - Microsoft Baseline Security Analyzer announcements
-
Link
This forum is for the Microsoft Baseline Security Analyzer security tool (www.microsoft.com/mbsa). No other security questions can be answered in this forum.
Welcome to the updated MBSA TechNet forum to discuss the free Microsoft Baseline Security Analyzer security scan tool.
As a security scan tool based on Microsoft Update, the behavior and results of MBSA are the same as Microsoft Update (not Windows Update that only detects updates for Windows products). With the exception of WSUS-managed machines where the administrator's approved updates take precedence, MBSA will report exactly what Microsoft Update will report. Like Systems Management Server (SMS), System Center Configuration Manager (SCCM), WSUS Server, MBSA uses the exact same logic and mechanisms as Microsoft Update to determine update applicability and installed state.
As a security scan tool, MBSA reports against three classifications of updates: Security Updates, Update Rollups and Service Packs. Critical (non-security) Updates, Definition Updates and Feature Packs and drivers are not detected by MBSA.
The majority of issues reported by MBSA users stem from an expected update not being displayed - which is often because the update is not an MSRC security bulletin listed in the Security Bulletin Search (http://www.microsoft.com/technet/security/current.aspx) or is not an update rollup (like a new version of Internet Explorer) or a Service Pack.
Almost all issues can be easily resolved by reviewing the error message displayed by MBSA, reviewing the System Requirements within the MBSA Help file (installed with MBSA) or the online MBSA Q&A (FAQ) located here: http://technet.microsoft.com/en-us/security/cc184922.
The latest MBSA news and information can be found at www.microsoft.com/mbsa and in the MBSA Q&A (FAQ).
Microsoft Advanced Threat Analytics announcements
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
-
0 VotesHelp addressing Remote Desktop Access HACK!
Apologies in advance if this isnt in the correct thread as im somebody with very little knowledge on how computers work as far as security. It seems my computer has been infiltrated by someone with ...
-
2 Votes
bit locker recovery key issue
i have lost my recovery key for my external disk. please help me how to access my external disk now?Unanswered | 4 Replies | 42 Views | Created by Anand737 - Thursday, October 18, 2018 11:08 AM | Last reply by Ronald Schilf - Thursday, October 18, 2018 12:24 PM -
0 Votes
SQL Clustering issue hardening
Hi All, In SQl Clustering Environment when i have SQL 1, SQL2 Active & Passive When doing hardening SQL ...Unanswered | 1 Replies | 25 Views | Created by Miles Tan - Thursday, October 18, 2018 6:52 AM | Last reply by Andy Liu50 - Thursday, October 18, 2018 9:03 AM -
1 Votes
MBSA links and FAQ gone
All the links to download MBSA from Google seem to have been removed, and the old FAQ post has been removed also. The main link of ...Unanswered | 3 Replies | 370 Views | Created by cf090 - Wednesday, October 3, 2018 6:56 AM | Last reply by cf090 - Wednesday, October 17, 2018 2:27 PM -
0 Votes
Computer/User view page refreshes every 5s
When I click on a computer or user object to view its timeline, whether it was involved in a suspicious activity or not, the page keeps refreshing every 5s thus not allowing me to perform an ...Unanswered | 8 Replies | 326 Views | Created by J0A0 PAUL0 - Monday, June 11, 2018 2:07 PM | Last reply by Eli Ofek - Wednesday, October 17, 2018 12:02 PM -
2 Votes
ATA Directory service account logins
Hi Since the update to 1.9 we are seeing the account used for directory services within ATA connecting to PC's Is this expected ...Proposed | 3 Replies | 64 Views | Created by Kratos31 - Tuesday, October 16, 2018 12:42 PM | Last reply by Eli Ofek - Tuesday, October 16, 2018 11:47 PM -
0 Votes
RADIUS Accounting
If we forward RADIUS Accounting information to ATA, will this, in theory, reduce the number of false positives we see for Pass the ticket from VPN users? Or will this data not be used to ...Answered | 11 Replies | 143 Views | Created by ArchedMeerkat - Friday, October 12, 2018 1:30 PM | Last reply by Eli Ofek - Tuesday, October 16, 2018 11:12 PM -
0 Votes
Use ATA to detect cross-domain traffic (over a trust boundary)
We have domains A and B in a bi-directional trust and run ATA instances in both domains. Is there a way to detect account usage over/via the trust using ATA? Do ...Unanswered | 5 Replies | 189 Views | Created by H Kelley - Wednesday, September 26, 2018 11:34 PM | Last reply by Eli Ofek - Tuesday, October 16, 2018 11:04 PM -
0 Votes
Servicing Stack update - should it always be installed?
https://support.microsoft.com/en-us/help/4090914/servicing-stack-update-for-windows-10-version-1709-march-5-2018 I am seeing a Servicing Stack update for each release of Windows 10 1709. ...Unanswered | 3 Replies | 467 Views | Created by Susan Bradley - Thursday, March 8, 2018 7:34 AM | Last reply by huddie71 - Tuesday, October 16, 2018 11:17 AM -
0 Votes
Gateway failed to sync the latest configuration from the center
Hi guys, ATA CENTER Console reports me this notification, after i updated the certificate for the ata center console ...Unanswered | 3 Replies | 101 Views | Created by flova - Friday, October 12, 2018 9:12 AM | Last reply by Eli Ofek - Tuesday, October 16, 2018 8:44 AM -
1 Votes
ATA still in development?
At Ignite 2018 I didn't see any talk about ATA. Is it still being developed with new versions coming out?Unanswered | 1 Replies | 76 Views | Created by jrauman - Monday, October 15, 2018 3:08 PM | Last reply by Andy Liu50 - Tuesday, October 16, 2018 5:57 AM -
0 Votes
Port 443 is bound to another process. Cannot install ATA 1.9
Hi, I decided to test ATA and downloaded v1.9. Installation of ATA 1.9 on ANY Windows server 2016 stops with message: "Port 443 is bound to another process. ...Unanswered | 10 Replies | 215 Views | Created by Thomas M.T. _ - Wednesday, September 26, 2018 3:41 PM | Last reply by Thomas M.T. _ - Monday, October 15, 2018 8:43 AM -
0 Votes
Update KB3154518 Superseded?
I am attempting to install KB3154518 to a 2008 R2 server to enable TLS 1.2 capabilities for .NET 3.5.1. However, when I attempt to install this update, I get the message that this "update is not ...Unanswered | 7 Replies | 2117 Views | Created by ChGPe - Monday, April 23, 2018 8:52 PM | Last reply by Eyal Alalouf - Sunday, October 14, 2018 4:25 PM -
0 Votes
Change syslog suser field to UPN or SAMAccountName rather than display name
The syslog output seems to use display name rather than a real login name. This makes correlation with other logs hard in the receiving SIEM. Can this be configured in ...Unanswered | 1 Replies | 74 Views | Created by H Kelley - Friday, October 12, 2018 12:54 PM | Last reply by Eli Ofek - Friday, October 12, 2018 8:44 PM -
1 Votes
Password Management solutions?
Does Microsoft offer any password management solutions? We have hundreds of service accounts that we maintain passwords for and today keep them in an encrypted file (with a password on that file). ...Proposed | 2 Replies | 110 Views | Created by jrauman - Thursday, October 11, 2018 3:11 PM | Last reply by KHart85 - Friday, October 12, 2018 11:08 AM -
0 Votes
Asking for the explanation behind the Source Computer Resolution Method column values in the ATA alerts
Hello, I received one "Identity theft using pass-the-ticket attack" alert indicating that one person’s Kerberos tickets were stolen from 1 ...Answered | 11 Replies | 709 Views | Created by MSSOC - Sunday, October 8, 2017 11:00 AM | Last reply by Eli Ofek - Friday, October 12, 2018 12:35 AM -
0 Votes
ATA 1.9 configuration
Hi all, We have implemented ATA 1.9 and installed LWGW on all domain controllers. Do I need to configure event forwarding with 1.9? Also ...Unanswered | 5 Replies | 123 Views | Created by Onurt - Tuesday, October 9, 2018 7:15 PM | Last reply by Eli Ofek - Thursday, October 11, 2018 9:09 AM -
0 Votes
Installing ATA gateway and ATA server on the same physical server
Hello Everyone, I am new to ATA myself and I am in the process of setting up the all the needed components to get the ATA implemented. I plan to setup the ...Unanswered | 2 Replies | 110 Views | Created by ChrisDPace - Tuesday, October 9, 2018 2:23 PM | Last reply by ChrisDPace - Wednesday, October 10, 2018 12:48 PM -
0 Votes
Monthly Updates that require registry changes
Regarding monthly patch releases, there currently isn't a location that lists patches that also require additional changes, i.e Registry changes alongside the installation of the ... -
0 Votes
Malicious replication of Directory Services
Similar to this question, but the IPs are known good domain controllers ...Unanswered | 7 Replies | 407 Views | Created by James H Anderson II - Friday, April 27, 2018 7:17 PM | Last reply by Eli Ofek - Wednesday, October 10, 2018 8:28 AM - Items 1 to 20 of 2662 Next ›
MBSA - Microsoft Baseline Security Analyzer announcements
-
Link
This forum is for the Microsoft Baseline Security Analyzer security tool (www.microsoft.com/mbsa). No other security questions can be answered in this forum.
Welcome to the updated MBSA TechNet forum to discuss the free Microsoft Baseline Security Analyzer security scan tool.
As a security scan tool based on Microsoft Update, the behavior and results of MBSA are the same as Microsoft Update (not Windows Update that only detects updates for Windows products). With the exception of WSUS-managed machines where the administrator's approved updates take precedence, MBSA will report exactly what Microsoft Update will report. Like Systems Management Server (SMS), System Center Configuration Manager (SCCM), WSUS Server, MBSA uses the exact same logic and mechanisms as Microsoft Update to determine update applicability and installed state.
As a security scan tool, MBSA reports against three classifications of updates: Security Updates, Update Rollups and Service Packs. Critical (non-security) Updates, Definition Updates and Feature Packs and drivers are not detected by MBSA.
The majority of issues reported by MBSA users stem from an expected update not being displayed - which is often because the update is not an MSRC security bulletin listed in the Security Bulletin Search (http://www.microsoft.com/technet/security/current.aspx) or is not an update rollup (like a new version of Internet Explorer) or a Service Pack.
Almost all issues can be easily resolved by reviewing the error message displayed by MBSA, reviewing the System Requirements within the MBSA Help file (installed with MBSA) or the online MBSA Q&A (FAQ) located here: http://technet.microsoft.com/en-us/security/cc184922.
The latest MBSA news and information can be found at www.microsoft.com/mbsa and in the MBSA Q&A (FAQ).
Microsoft Advanced Threat Analytics announcements
-
Link
Here you can find discussions on Microsoft Advanced Threat Analytics or ask a question to the community.
For official product support, please contact Microsoft Customer and Services Support via http://support.microsoft.com .
For the latest product documentation, please check our TechNet library at: http://aka.ms/ata-technet
