this is what it found - I double checked and every single update in windows update says - successful - interesting - so now I'll read thru the how do I fix it areas - crisS Computer name:Workgroup\Downstairs IP address:192.168.1.100 Security report name:Workgroup - Downstairs (09-26-2003 01-09 PM) Scan date:9/26/2003 1:09 PM Scanned with MBSA version:1.1.1 Security update database version:1.0.1.500 Security assessment:Severe Risk (One or more critical checks failed.) Security Update Scan Results ScoreIssueResult Windows Security Updates 5 security updates are out of date or could not be confirmed. What was scannedResult detailsHow to correct this Windows Media Player Security Updates No critical security updates are missing. What was scanned IIS Security Updates IIS is not running on this computer. SQL Server Security Updates SQL Server is not installed on this computer. Exchange Server Security Updates Exchange Server is not installed. Windows Scan Results Vulnerabilities ScoreIssueResult File System Not all hard drives are using the NTFS file system. What was scannedResult detailsHow to correct this Administrators More than 2 Administrators were found on this computer. What was scannedResult detailsHow to correct this Local Account Password Test No user accounts have blank or simple passwords. What was scannedResult details Guest Account The Guest account is not disabled on this computer. What was scanned Restrict Anonymous Computer is properly restricting anonymous access. What was scanned Autologon Check is skipped on Windows XP Home Edition computers. What was scanned Password Expiration Check is skipped on Windows XP Home Edition computers. What was scanned Additional System Information ScoreIssueResult Auditing Check is skipped on Windows XP Home Edition computers. What was scannedHow to correct this Services No potentially unnecessary services were found. What was scanned Shares 8 share(s) are present on your computer. What was scannedResult detailsHow to correct this Windows Version Computer is running Windows 2000 or greater. What was scanned Internet Information Services (IIS) Scan Results ScoreIssueResult IIS Status IIS is not running on this computer. SQL Server Scan Results ScoreIssueResult SQL Server Status SQL Server is not installed on this computer. Desktop Application Scan Results Vulnerabilities ScoreIssueResult IE Zones Internet Explorer zones do not have secure settings for some users. What was scannedResult detailsHow to correct this Macro Security 2 Microsoft Office product(s) are installed. Some issues were found. What was scannedResult detailsHow to correct this Outlook Zones No Microsoft Office products are installed ----- Original Message ----- From: cris To: PCTechTalk Sent: Friday, September 26, 2003 12:56 PM Subject: -=PCTechTalk=- microsoft baseline security analyzer I found this when I was trying to figure out why microsoft patched the dso exploit in 2002 and my system gets it anyway... http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/MBSAhome.asp Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA). MBSA Version 1.1.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows 2000, Windows XP, and Windows Server 2003 systems and will scan for common system misconfigurations in the following products 'gonna run it now and see what happens... crisS To unsub or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ For more info: //www.freelists.org/cgi-bin/list?list_id=pctechtalk