Baseline Security Analyzer provides a streamlined method of identifying common security misconfigurations.
As part of Microsoft's Strategic Technology Protection Program, and in response to direct customer need for a streamlined method of identifying common security misconfigurations, Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA). Version 1.1.1 of MBSA includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows Server 2003, Windows 2000, and Windows XP systems and will scan for common security misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer (IE) 5.01 and later, and Office 2000 and 2002. MBSA also scans for missing security updates for Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, IIS, SQL, Exchange, IE, and Windows Media Player.
System Requirements
Supported Operating Systems: Windows 2000, Windows Server 2003, Windows XP
Internet Explorer 5.01 and later
An XML parser is required (MSXML version 3.0 SP2) for the tool to function correctly. Systems not running IE 5.01 or greater will need to download and install an XML parser to run this tool. MSXML version 3.0 SP2 can be installed during tool setup, otherwise, you can download and install a standalone version of the Microsoft XML parser
The IIS Common Files are required on the computer on which the tool is installed if performing remote scans of IIS computers]
Download from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=9a88e63b-92e3-4f97-80e7-8bc9ff836742&DisplayLang=en