Microsoft Baseline Security Analyzer (MBSA) offline bulk scan process


The MBSA tool can be downloaded from the Microsoft.com website.  The current address for version 2.1 is http://www.microsoft.com/downloads/details.aspx?familyid=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en.

MBSA can be run offline (if the machine being used to scan is not connected to the Internet). If using it in this configuration, it is necessary to ensure the latest updates are used.

Once you have installed the latest updates, follow the steps below to run the scans.

Create a new text file called ‘computers.txt’ and list the names of the servers to be scanned – as shown in Figure 1 below. This should be saved on the computer being used to run the scan.

clip_image001

Figure 1: Computers.txt file contents

Open a command prompt and navigate to ‘C:\Program Files\Microsoft Baseline Security Analyzer 2’

Run the following command (This assumes that the wsusscn2.cab and the text file ‘computers.txt’ have been saved into the root of the C: drive.:

Mbsacli /catalog c:\wsusscn2.cab /listfile c:\computers.txt /wi /nvc /nd

/wi = show all updates even if not approved on the WSUS server.

/nvc = Do not check for a new version of MBSA.

/nd = Do not download any files from the Microsoft.com web site when scanning.

Wait for the scan to complete.

Open the MBSA console from the Start Menu.

Click ‘View existing security scan report’.


Comments (1)

  1. Stumbled upon this says:

    Microsoft Baseline Security Analyzer 2.3 download link:

    http://www.microsoft.com/.../details.aspx

Skip to main content