[NT] Microsoft Releases Two Security Tools

From: support@securiteam.com
Date: 08/21/01


From: support@securiteam.com
To: list@securiteam.com
Subject: [NT] Microsoft Releases Two Security Tools
Message-Id: <20010821210555.A3E63138BF@mail.der-keiler.de>
Date: Tue, 21 Aug 2001 23:05:55 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

  Microsoft Releases Two Security Tools
------------------------------------------------------------------------

SUMMARY

Microsoft has released two new security tools:
 - Microsoft Personal Security Advisor <www.microsoft.com/security/mpsa>
 - HFNetChk
   <http://www.microsoft.com/technet/itsolutions/security/tools/hfnetchk.asp>

DETAILS

The Personal Security Advisor (MPSA) is a GUI-based tool that will scan
your local Windows NT 4.0 or Windows 2000 machine and report on a host of
security issues including: missing security patches, weak passwords,
Internet Explorer and Outlook Express security settings, and Office macro
protection settings. The intended audience for this tool is an individual
end-user who is looking for a simple way to assess and secure their
machine without getting into a lot of technical detail.

The second tool is more geared to system administrators, security
auditors, et al. HFNetChk is a command-line tool that will scan either
your local machine or a collection of remote machines to assess their
current security patch status. The tool can be run from an NT4 or Windows
2000 system, and can scan NT4 and Windows 2000 machines for missing or
installed patches for the OS, IIS4, IIS5, SQL Server 7.5 and 2000, and IE
5.01 and later.

HFNetChk utilizes an XML file that contains details on each of the
security patches that have been released with security bulletins. Patch
details include: Files in the patch including their file version,
checksum, and location; registry keys installed by the patch; information
about which patches are superseded by other patches, and which patches are
applicable to each application and related service pack.

When HFNetChk is run, it downloads the XML file (signed CAB file), parses
it, and then compares data in the XML file to data from the machine being
scanned. File details and registry keys are checked (there is a switch
available to bypass the registry key check) - should any detail on the
system not match what is known in the XML file, the patch is considered
not installed.

Default output from HFNetChk will display missing patches for the given
system. Patch supersedence is taken into account, so you will only see
those patches that are missing and are not superseded by any other patch
(there is a switch to control this setting as well). To view details about
why a patch is considered NOT installed, run hfnetchk with the -v switch
(hfnetchk.exe -v).
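
Added example (not part of the original advisory and not Microsoft's code): the comparison and supersedence logic described above, applied to a constructed catalog and a constructed machine inventory. The XML element and attribute names, file paths, registry paths, patch ids and the skip_registry / show_superseded parameters are all hypothetical stand-ins for the real file format and switches.

```python
import xml.etree.ElementTree as ET

# Constructed catalog. Element and attribute names are hypothetical,
# not the schema of Microsoft's real XML file.
CATALOG = r"""<patches>
  <patch id="PATCH-A" supersededby="PATCH-C">
    <file path="C:\WINNT\system32\example_a.dll" version="1.0.0.2" checksum="aaaa0002"/>
    <regkey path="HKLM\SOFTWARE\Example\Hotfix\PATCH-A"/>
  </patch>
  <patch id="PATCH-B">
    <file path="C:\WINNT\system32\example_b.dll" version="2.0.0.5" checksum="bbbb0005"/>
    <regkey path="HKLM\SOFTWARE\Example\Hotfix\PATCH-B"/>
  </patch>
  <patch id="PATCH-C">
    <file path="C:\WINNT\system32\example_a.dll" version="1.0.0.3" checksum="aaaa0003"/>
    <regkey path="HKLM\SOFTWARE\Example\Hotfix\PATCH-C"/>
  </patch>
</patches>"""

# Constructed inventory of the scanned machine: path -> (version, checksum).
FILES = {r"C:\WINNT\system32\example_a.dll": ("1.0.0.1", "aaaa0001"),
         r"C:\WINNT\system32\example_b.dll": ("2.0.0.5", "bbbb0005")}
REGKEYS = set()  # constructed: no hotfix registry keys present

def check_patch(patch, files, regkeys, skip_registry=False):
    """Return the reasons a patch counts as not installed (empty list = installed)."""
    reasons = []
    for f in patch.findall("file"):
        want = (f.get("version"), f.get("checksum"))
        have = files.get(f.get("path"))
        if have != want:  # any mismatch, or an absent file, fails the patch
            reasons.append(f"{f.get('path')}: found {have}, expected {want}")
    if not skip_registry:
        for key in patch.findall("regkey"):
            if key.get("path") not in regkeys:
                reasons.append(f"{key.get('path')}: registry key absent")
    return reasons

def scan(catalog_xml, files, regkeys, skip_registry=False, show_superseded=False):
    """Map each reported patch id to its reasons, as a verbose run would list them."""
    # The catalog's signature must be verified before parsing; not shown here.
    missing = {}
    for patch in ET.fromstring(catalog_xml).findall("patch"):
        reasons = check_patch(patch, files, regkeys, skip_registry)
        if reasons and (show_superseded or not patch.get("supersededby")):
            missing[patch.get("id")] = reasons
    return missing
```

On a machine where PATCH-C is installed, PATCH-A still fails the exact file match, which is why a default run hides superseded patches.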

More details on HFNetChk are available in the following KB article:
 <http://support.microsoft.com/directory/article.asp?ID=kb;en-us;Q303215>

ADDITIONAL INFORMATION

The information has been provided by the Microsoft Security Response
Center <mailto:secure@MICROSOFT.COM>.
Comments, questions, bugs, and feedback can be sent to the HFNetChk email
address <mailto:hfnetchk@microsoft.com>.
