Educause Security Discussion mailing list archives
Re: Use of Microsoft Baseline Security Analyzer
From: Mike Wiseman <mike.wiseman () UTORONTO CA>
Date: Wed, 20 Jan 2016 13:42:40 +0000
I didn't know MBSA was still around. We used it extensively years ago by integrating it into a network registration system that was used on student resnets. Students would need to run the utility. Negative results (missing OS patches), would be used to block access until self-remediation was completed. It was very effective. We discontinued its use given the proliferation of MacOSX and mobile devices. Mike Mike Wiseman Manager, Information Security Information Technology Services University of Toronto This email and any attachments contain privileged and / or confidential information for internal University of Toronto communication only unless otherwise indicated. Hello all, Are any of you using Microsoft Baseline Security Analyzer (MBSA) to regularly scan servers and desktops for missing patches? We are having a discussion internally about differences between the report from Microsoft's tool and another vendor's patch management tool. MBSA is reporting missing patches that the other tool is not. Is MBSA broadly used and trusted? Also wondering if anyone is successfully using mbsacli with lists of computers reliably or if various factors (permissions, firewalls, power-downs, etc.) make it too difficult to use broadly? Thanks, Ben Benjamin Stein Information Security Officer California Cancer Reporting and Epidemiological Surveillance (CalCARES) Program Institute for Population Health Improvement UC Davis Health System 1631 Alhambra Blvd, Ste. 200 Sacramento, CA, 95816 Phone: 916-731-2563 Email: bstein () ccr ca gov<mailto:bstein () ccr ca gov> The CalCARES program partners with the California Department of Public Health to manage the operations of the state mandated California Cancer Registry program
Current thread:
- Use of Microsoft Baseline Security Analyzer Benjamin Stein (Jan 19)
- Re: Use of Microsoft Baseline Security Analyzer Woodruff, Dan (Jan 20)
- Re: Use of Microsoft Baseline Security Analyzer Harry Hoffman (Jan 20)
- Re: Use of Microsoft Baseline Security Analyzer Mike Wiseman (Jan 20)
- Re: Use of Microsoft Baseline Security Analyzer Woodruff, Dan (Jan 20)