Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Does Vulnerability Assessment Work with MBSA 2.0.1? 1

Status
Not open for further replies.
VictorySabre

VictorySabre

Technical User
Feb 14, 2002
225
CA
I'm currently testing the Vulnerability Assessment tool that comes with SMS 2003 R2 and it worked fine on my test PCs initially. Then when MBSA 2.0.1 came out, I upgraded some of my PCs manually to that new version and now the Vulnerability Assessment tool refuses to run on these test PC. I get an error message that MBSA is not installed even though it is installed and runs fine.

Has anyone else encountered a similar problem or does it still work for you?

Thanks!
 
Sort by date Sort by votes
Have you tried distributing the new MBSSA client through the normal centralised push update procedure?

Otherwise, force software inventory and system scan on the target machines, as the package will have a requirement that a certain version of the client agent is required on the target. Even if the machines HAVE the correct version of the client, if the SMS Inventory doesn't recognise the new client as the sinv hasn't run since the update, then the VA package won't run (well, will fail citeria checks)

Neil J Cotton
Technical Consultant
Anix Group Ltd
 
Upvote 0 Downvote
I managed to get the answer from MyITForum.com. Turns out that I need to modify the AssessmentConfig.XML file located inside the PkgSource folder and add the MBSA 2.0.1 scanner info to get it to work.

So if you look at the XML file, this is what I've updated:

.
.
.
<Scanners>
<Tool>
<ProductName>Microsoft Baseline Security Analyzer 2.0</ProductName>
<ProductCode>{8A8F4EF8-160C-4E0F-B32D-92E2313E039B}</ProductCode>
<ComponentCode>{2BACB435-0CF0-407A-839B-EABB04F9A119}</ComponentCode>
</Tool>
<Tool>
<ProductName>Microsoft Baseline Security Analyzer 2.0.1</ProductName>
<ProductCode>{7F231232-C309-4401-964A-2A002B6E1ED9}</ProductCode>
<ComponentCode>{2BACB435-0CF0-407A-839B-EABB04F9A119}</ComponentCode>
</Tool>
</Scanners>

Once I added the info for MBSA 2.0.1 within the <Tool> and </Tool> tags, now when VulnerabilityAssessment.exe runs, it will work for either MBSA 2.0 and MBSA 2.0.1
 
Upvote 0 Downvote
Nice find Sabre.

Neil J Cotton
Technical Consultant
Anix Group Ltd
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JeannieLCFPD
  • Locked
  • Question
Does SCCM 2012 R2 have File Integrity Monitoring for compliance with PCI
Replies
0
Views
210
JeannieLCFPD
JeannieLCFPD
Flipper01
  • Locked
  • Question
Advertised application does not start
Replies
2
Views
99
Flipper01
Flipper01
weeyin83
  • Locked
  • Question
MS Office Install with MST failing
Replies
0
Views
86
weeyin83
weeyin83
la1impala
  • Locked
  • Question
sms work station can not be found in database
Replies
1
Views
108
mrmovie
mrmovie
VictorySabre
  • Locked
  • Question
Is MBSA 2.0.1 Compatible with Vulnerability Assessment Tool?
Replies
0
Views
22
VictorySabre
VictorySabre

Part and Inventory Search

Sponsor

Back
Top