Microsoft Baseline Security Analyzer is a handy and free tool to check the security misconfigurations and missing security updates in your PC. It runs a deep scan for your PC and generates the results. You can check issues related to Security Updates, Desktop Application(s), Windows Administrative Vulnerabilities, and more.
You will also be able to find out what is scanned by this tool and how to correct a particular issue. If the steps are not enough for you to solve a particular issue, you can also access Result Details to get the direct download link to solve the issue.
The screenshot above shows the results page of this tool.
Note: This tool is built to use for Windows 8.1 and lower versions. However, I have used it on my Windows 10 PC and it worked really good.
Scan a PC To Check Security Issues Using Microsoft Baseline Security Analyzer:
Here is the homepage link of this tool. Download it and install it. Launch its interface and then you will be able to select the option to scan your PC. This tool also lets you scan multiple PCs (available in a network) using domain names or IP addresses.
After selecting your PC, you can set options for scanning. For example, you can enable options to check PC for:
- Windows Administrative Vulnerabilities
- Weak passwords
- Security Updates
- Internet Information Services (IIS) administrative vulnerabilities
- SQL administrative vulnerabilities, etc.
Now you need to Start Scan to get the results. It may take some time to generate the results as the information is downloaded from servers.
When the scanning is completed, results will be in front of you. Now you can have a look at the scanned results. You will come to know:
- Windows Administrative Vulnerabilities: It shows:
- Autologon is enabled or not.
- How many administrators are found on your PC.
- Your PC is restricting the anonymous access or not.
- Guest account is enabled or disabled.
- Windows Firewall is enabled or not.
- User accounts have non-expiring passwords or expiring passwords.
- Incomplete updates, etc.
- IE zones have secure settings or not.
- SQL Server is installed on your PC or not.
- Missing security updates, like SQL Server Security, Office Security updates, Developer tools, Runtimes updates, etc. However, it is not necessary that you should install all of those updates. There might be some options that you have disabled intentionally.
- Shared folders available in your PC.
- If unnecessary services are running in your PC.
- Logon success and failure auditing are enabled or not, etc.
You need to check the issues carefully and then take the action. For each individual issue, it provides options to see the details, guide to correct an issue, and information about items that were scanned.
Conclusion:
Microsoft Baseline Security Analyzer is good to check if there are some security holes that you should fix on your PC or not. Although there would be some issues that you should not pay much attention, but it is surely handy to detect and solve some serious security issues and other misconfigurations.
