Update: Finjan warns when using Microsoft Baseline Security Analyzer

Finjan Software issued an alert regarding the reporting characteristics of the Microsoft Baseline Security Analyzer (MBSA) tool. According to Finjan, MBSA 1.0, which looks for missing hotfixes on Windows 2000 and XP machines, stores its findings in a plain text file. An attacker could read this file to find other potential access points in the system. MBSA itself is not vulnerable to attack, but a malicious user could find another entrance into the system to read the file. For more, go to http://www.finjan.com/mcrc/alert_show.cfm?attack_release_id=71

Join the newsletter!

Error: Please check your email address.

More about FinjanMBSAMicrosoft

Show Comments