Need help & support regarding MBSA 2.1 beta 2

I am trying to run a scan with MBSA 2.1, but it encounters an error as soon
as it begins. Here is the log of the scan:

Security assessment: Incomplete Scan
Computer name: MSHOME\YOUR-9020FCA106
IP address: 192.168.0.101
Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)
Scan date: 5/22/2008 2:11 PM
Scanned with MBSA version: 2.1.2030.0
Catalog synchronization date:
Security update catalog: Windows Server Update Services

Security Updates Scan Results

Issue: Security Updates
Score: Unable to scan
Result: Cannot scan because target computer is not assigned to a Update
Services server.


Operating System Scan Results

Administrative Vulnerabilities

Issue: Local Account Password Test
Score: Check passed
Result: No user accounts have simple passwords.

Detail:
| User | Weak Password | Locked Out | Disabled |
| HelpAssistant | - | - | Disabled |
| SUPPORT_388945a0 | - | - | Disabled |
| ASPNET | - | - | - |
| Administrator | - | - | - |
| Guest | - | - | - |
| miguel mesa | - | - | - |
Issue: File System
Score: Check passed
Result: All hard drives (1) are using the NTFS file system.

Detail:
| Drive Letter | File System |
| C: | NTFS |
Issue: Password Expiration
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.

Issue: Guest Account
Score: Check passed
Result: The Guest account is not disabled on this computer.

Issue: Autologon
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.

Issue: Restrict Anonymous
Score: Check passed
Result: Computer is properly restricting anonymous access.

Issue: Administrators
Score: Check passed
Result: No more than 2 Administrators were found on this computer.

Detail:
| User |
| Administrator |
| miguel mesa |
Issue: Windows Firewall
Score: Best practice
Result: Windows Firewall is managed through Group Policy on this
computer. Windows Firewall is disabled and has exceptions configured.

Detail:
| Connection Name | Firewall | Exceptions |
| Incoming Connections | N/A | N/A |
| Internet Connection | N/A | N/A |
| All Connections | Off | Ports, Programs, Services |
| Broadband Connection | Off* | Ports*, Programs*, Services* |
| Local Area Connection | Off* | Ports*, Programs*, Services* |
| MSN | Off* | Ports*, Programs*, Services* |
| Wireless Network Connection 3 | Off* | Ports*, Programs*, Services* |
Issue: Automatic Updates
Score: Check passed
Result: Updates are automatically downloaded and installed on this
computer.

Issue: Incomplete Updates
Score: Best practice
Result: No incomplete software update installations were found.

Additional System Information

Issue: Windows Version
Score: Best practice
Result: Computer is running Windows 2000 or greater.

Issue: Auditing
Score: Best practice
Result: Check is skipped on Windows XP Home Edition computers.

Issue: Shares
Score: Best practice
Result: 1 share(s) are present on your computer.

Detail:
| Share | Directory | Share ACL | Directory ACL |
| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R,
Administrators - F | Everyone - F |
Issue: Services
Score: Best practice
Result: No potentially unnecessary services were found.


Internet Information Services (IIS) Scan Results
IIS is not running on this computer.

SQL Server Scan Results

Instance MSSMLBIZ

Administrative Vulnerabilities

Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.

Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.

Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.

Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.

Issue: Folder Permissions
Score: Check failed (critical)
Result: Permissions on the SQL Server and/or MSDE installation folders
are not set properly.

Detail:
| Instance | Folder | User |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
BUILTIN\Users |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
\CREATOR OWNER |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
\CREATOR OWNER |
Issue: Sysadmin role members
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Guest Account
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Sysadmins
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.

Issue: Service Accounts
Score: Check failed (non-critical)
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.

Detail:
| Instance | Service | Account | Issue |
| MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |
Issue: Password Policy
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Public Permissions
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: SSIS Roles
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Sysdtslog
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.


Instance SONY_MEDIAMGR

Administrative Vulnerabilities

Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.

Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.

Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.

Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.

Issue: Folder Permissions
Score: Check passed
Result: Permissions on the SQL Server and/or MSDE installation folders
are set properly.

Issue: Sysadmin role members
Score: Best practice
Result: BUILTIN\Administrators group should not be part of sysadmin role.

Issue: Guest Account
Score: Check passed
Result: The Guest account is not enabled in any of the databases.

Issue: Sysadmins
Score: Check failed (non-critical)
Result: More than 2 members of sysadmin role are present.

Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.

Issue: Service Accounts
Score: Best practice
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.

Detail:
| Instance | Service | Account | Issue |
| SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
| SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |

Desktop Application Scan Results

Administrative Vulnerabilities

Issue: IE Zones
Score: Check passed
Result: Internet Explorer zones have secure settings for all users.

Issue: Macro Security
Score: Check not performed
Result: No Microsoft Office products are installed

Any kind of help will be greatly appreciated. Thanks
.

Relevant Pages

  • Re: sbs 2003 network slow why?
    ... Issue: Local Account Password Test ... SQL Server and/or MSDE authentication mode is set to Windows Only. ... The Everyone group does not have more than Read access to the SQL Server and/or MSDE registry keys. ... BUILTIN\Administrators group should not be part of sysadmin role. ...
    (microsoft.public.windows.server.sbs)
  • Getting to the bottom of MSDE network connection problems ...
    ... but other than that it is MSDE 2000 with sp3a already applied. ... I've finally figured out the connection problems associated with this, ... and it seems the problems are due to Windows XP and not MSDE. ... the enterprise/standard versions of SQL server won't install ...
    (microsoft.public.sqlserver.msde)
  • Re: VS2005: SQL Debugging "T-SQL execution ended without debugging. You may not have sufficient
    ... > account also must be a member of the sysadmin role in the target SQL ... and the Windows firewall is disabled on both client & server. ... to the remote SQL Server 2005. ... But I'm still getting the "T-SQL execution ended without debugging. ...
    (microsoft.public.vsnet.debugging)
  • RE: Getting to the bottom of MSDE network connection problems ...
    ... the way using the same installation scenario on Win2K works with no problem. ... > various versions of MSDE and Windows XP ... > and it seems the problems are due to Windows XP and not MSDE. ... > on a desktop OS like XP (meaning that, you can not compare SQL Server ...
    (microsoft.public.sqlserver.msde)
  • Re: Need help & support regarding MBSA 2.1 beta 2
    ... Issue: Local Account Password Test ... Check is skipped on Windows XP Home Edition computers. ... SQL Server and/or MSDE authentication mode is set to Windows ...
    (microsoft.public.security)