Microsoft is beginning to release useful security oriented tools. Microsoft Baseline Security Analyzer (MBSA) checks Windows NT 4 SP4 and up, Windows 2000, and Windows XP for common security vulnerabilities. MBSA can be installed on Windows 2000 and Windows XP. MBSA currently performs five checks:
Hotfix checks : scans for missing hotfixes for Windows NT 4, Windows 2000, all system services, SQL 7.0, SQL 2000, and IE 5.01 and later.
Password checks : checks for blank and weak passwords.
Vulnerability checks : scans for security issues and common configuration mistakes in Windows operating systems (NT4, 2000, and XP).
IIS checks : scans for security issues in IIS 4.0 and 5.0.
SQL vulnerability checks : scans for security issues in SQL 7.0 and 2000.
The tool can be run in GUI mode ( mbsa.exe ) or more usefully for automated periodic checks, in command line mode (mbsacli.exe).