Wednesday, March 2, 2011

Enable MBSA Remote Scan Through Windows Firewall

I am using MBSA for Windows server security audit reports. Although the MBSA FAQs outline the steps for successful remote security scans, GPO-based settings for managed systems require additional work. This is due to permissions on the registry key HKLM\Software\Classes\AppID\{B366DEBE-645B-43A5-B865-DDD82C345492}. This solution was tested in a Hyper-V based virtual environment with Windows 2008 R2; see the reference links at the end.

The startup script below uses REG and SUBINACL tools.


















The port exceptions are as follows.


Additionally, the policies "Windows Firewall: Allow inbound file and printer sharing exception" and "Windows Firewall: Allow inbound remote administration exception" are enabled for the scanning server.

References:

1. http://www.microsoft.com/mbsa
2. http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-93cf-ed6985e3927b&displaylang=en