Update: Finjan warns when using Microsoft Baseline Security Analyzer

Finjan Software issued an alert regarding the reporting characteristics of the Microsoft Baseline Security Analyzer (MBSA) tool. According to Finjan, MBSA 1.0, which looks for missing hotfixes on Windows 2000 and XP machines, stores its findings in a plain text file. An attacker could read this file to find other potential access points in the system. MBSA itself is not vulnerable to attack, but a malicious user could find another entrance into the system to read the file. For more, go to http://www.finjan.com/mcrc/alert_show.cfm?attack_release_id=71

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about FinjanMBSAMicrosoft

Show Comments