Re: MBSA 1.2.1 launched today
From: Doug Neal [MSFT] (dugn_at_online.microsoft.com)
Date: 08/19/04
- Next message: Bill: "trojanhorse dialer"
- Previous message: Waterhouse: "XP Scheduled Tasks w/ full control by Everyone(!)"
- In reply to: Peter Ninen: "Re: MBSA 1.2.1 launched today"
- Next in thread: Kevin Weilbacher [SBS-MVP]: "Re: MBSA 1.2.1 launched today"
- Reply: Kevin Weilbacher [SBS-MVP]: "Re: MBSA 1.2.1 launched today"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 18 Aug 2004 16:59:49 -0700
Here's a breakdown on the differences between MBSA and Windows Update so users and administrators can decide which is best to use in different situations.
MBSA does one important thing that WU does not: MBSA will check explicit files to ensure a security bulletin and all of the associated files are patched on a machine. This is far and above the best way to ensure your machine is up-to-date for all security bulletins released by Microsoft. WU detection may result in incorrect patch status after uninstalling a patch, using System Restore on a machine or performing an in-place repair of the OS. Since MBSA checks explicit file versions, no matter what state a machine is in, MBSA will correctly detect whether a patch is sufficiently applied in a way that WU cannot.
Windows Update does one important thing that MBSA does not: WU will scan for all updates, not just security updates (which can include drivers, recommended updates and 'nice to have' features offered by Microsoft).
Aside from both of these traits, it's important to understand one more aspect of MBSA 1.2. Although the current version of MBSA has added support for many OS features and components (such as MSJVM, MSXML and MDAC), there are still patches for which MBSA cannot report the status of a patch (such as Outlook Express, WSH [Windows Scripting Host], and Front Page Server Extensions). When MBSA encounters security bulletin information that the MBSA engine cannot scan for, MBSA will report a NOTE message. When MBSA encounters a security bulletin for a component or feature that is not supported by MBSA, there will be no message (no note, no warning - nothing). In both of these cases, it is an important indication that the administrator will need to check the details of this patch manually. These issues are covered more fully in the associated KB article 306460.
I hope that helps explain some of inner workings of MBSA in a way that helps
-- Doug Neal [MSFT] dugn@online.microsoft.com This posting is provided "AS IS" with no warranties, and confers no rights. If newsgroup discussion with experts and MVPs is unable to solve a problem to your satisfaction, feel free to contact PSS for the Microsoft Baseline Security Analyzer (MBSA) at the following link: http://support.microsoft.com/default.aspx?scid=fh;en-us;Prodoffer20a This e-mail address does not receive e-mail, but is used for newsgroup postings only. "Peter Ninen" <someone@somewhere.com> wrote in message news:ejNzdXWhEHA.1276@TK2MSFTNGP09.phx.gbl... Mike Chan [MSFT]" <mchan@online.microsoft.com> wrote in message news:uFkjBn8gEHA.384@TK2MSFTNGP10.phx.gbl... MBSA 1.2.1 update for Windows XP SP2 compatibility available today! I didn't get the improvement I had hoped for. MBSA 1.2.1 still disagrees with Windows Update about certain patches on certain machines. The poor user doesn't know what to do with conflicting information. These two Microsoft tools simply MUST be made to agree. This problem has gone on for a long time, and there is just no excuse.
- Next message: Bill: "trojanhorse dialer"
- Previous message: Waterhouse: "XP Scheduled Tasks w/ full control by Everyone(!)"
- In reply to: Peter Ninen: "Re: MBSA 1.2.1 launched today"
- Next in thread: Kevin Weilbacher [SBS-MVP]: "Re: MBSA 1.2.1 launched today"
- Reply: Kevin Weilbacher [SBS-MVP]: "Re: MBSA 1.2.1 launched today"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
