Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. The MBSA reports more missing security updates when you use the SUS option on a Windows 2000, Windows Server 2003, or Windows XP-based computer

The MBSA reports more missing security updates when you use the SUS option on a Windows 2000, Windows Server 2003, or Windows XP-based computer

View products that this article applies to.

Introduction

This article discusses why you may see different results when you run the Microsoft Baseline Security Analyzer (MBSA) in default mode and when you run the MBSA with the Microsoft Software Update Services (SUS) option. The MBSA may report additional missing security updates when you use the SUS option. This article also provides a brief description of the MBSA in default mode and of the MBSA with the SUS option.

↑ Back to the top

More information

Microsoft Baseline Security Analyzer version 1.2 in default mode

When you run the MBSA in default mode, the MBSA downloads a Mssecure.cab file that matches the language of the computer that is being scanned and extracts a localized XML file for use in the scan. For example, if you remotely scan a Japanese Windows-based computer, MBSA will download the Japanese Mssecure.cab file that contains a localized Mssecure.xml file for use in the scan.

In default mode, the MBSA reports all the security updates that are not installed, but collapses all the updates that are outdated or superseded by more recent or cumulative updates.

Microsoft Baseline Security Analyzer version 1.2 with the SUS option

MBSA version 1.2 supports the option to scan for security updates by using a local SUS server. You can select the SUS option in the MBSA user interface or in the MBSA command line interface. MBSA performs a scan with the SUS option by using the list of approved updates on the local SUS server instead of by using the list of available updates that are listed in the Mssecure.xml file that is downloaded at run time.

When you run the MBSA with the SUS option, the tool scans for and reports on all SUS server approved updates. This includes updates that have been superseded by newer or cumulative updates. Because the MBSA scans a computer to determine whether all the updates that are approved by the SUS server are explicitly installed, the resulting report may show more updates needed when you use a SUS server-based scan that when you use the default (non-SUS Server) scan. Be aware that because some of the reported updates may have been superseded, you may not have to explicitly install all the updates that appear in the report when you run the MBSA with the SUS option. If a security update is superseded by a later release or is part of a cumulative security update, you do not have to install the security update.

For more information about MBSA, visit the following Web site:
http://www.microsoft.com/technet/security/tools/mbsahome.mspx
For more information about SUS and WSUS, visit the following Web site:
http://technet.microsoft.com/en-us/wsus/default.aspx

↑ Back to the top

Keywords: KB840673, kbinfo, kbtshoot

↑ Back to the top

Article Info
Article ID : 840673
Revision : 5
Created on : 11/5/2007
Published on : 11/5/2007
Exists online : False
Views : 436