Microsoft offers free tool for security checks

Deep in the midst of an effort to beef up the security of its software, Microsoft Corp. Monday made available a free tool designed to search out security vulnerabilities hiding in Windows-based computers.

Called the Microsoft Baseline Security Analyzer (MBSA), the tool is intended to provide users with an easy way to check their systems for common problems that arise when computers are configured incorrectly or when users fail to install suggested security patches, Microsoft said.

After scanning a system with the tool, users receive a security report card that lists all the holes and vulnerabilities found during the scan. The MBSA does not actually download and install fixes but provides instructions how to do so.

The tool, which is 2.5MB in size, can be downloaded from Microsoft’s developer Web site at

It can be installed on Windows 2000 desktop and server operating systems as well as the Home and Professional Editions of Windows XP, Microsoft said. Users must also have version 5.1 or higher of Internet Explorer.

The MBSA can also be used to scan for security holes on the following software: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer 5.01 and later, and Office 2000 and XP.

Developed with the help of Shavlik Technologies in St. Paul, Ma., Microsoft first detailed the tool at the RSA Security Conference in February.