-----BEGIN PGP SIGNED MESSAGE-----

Hi Folks -

Microsoft has released two new security tools today - Microsoft
Personal Security Advisor (www.microsoft.com/security/mpsa) and
HFNetChk
(http://www.microsoft.com/technet/itsolutions/security/tools/hfnetchk.
asp)

(Note: URLs may have been wrapped)

The Personal Security Advisor (MPSA) is a GUI-based tool that will
scan your local Windows NT 4.0 or Windows 2000 machine and report
back on a host of security issues including: missing security
patches, weak passwords, Internet Explorer and Outlook Express
security settings, and Office macro protection settings. The intended
audience for this tool is an individual end-user who is looking for a
simple way to assess and secure their machine without getting into a
lot of technical detail.

The second tool is more geared to the audience of this list - system
administrators, security auditors, et al. HFNetChk is a command-line
tool that will scan either your local machine or a collection of
remote machines to assess their current security patch status. The
tool can be run from an NT4 or Windows 2000 system, and can scan NT4
and Windows 2000 machines for missing or installed patches for the
OS, IIS4, IIS5, SQL Server 7.5 and 2000, and IE 5.01 and later.

HFNetChk utilizes an XML file that contains details on each of the
security patches that have been released with security bulletins.
Patch details include: Files in the patch including their file
version, checksum, and location; registry keys installed by the
patch; information about which patches are superseded by other
patches, and which patches are applicable to each application and
related service pack.

When HFNetChk is run, it downloads the XML file (signed CAB file),
parses it, and then compares data in the XML file to data from the
machine being scanned. File details and registry keys are checked
(there is a switch available to bypass the registry key check) -
should any detail on the system not match what is known in the XML
file, the patch is considered not installed.

Default output from HFNetChk will display missing patches for the
given system. Patch supersedence is taken into account, so you'll
only see those patches are missing and are not superseded by any
other patch (there is a switch to control this setting as well). To
view details about why a patch is considered NOT installed - run
hfnetchk with the -v switch (hfnetchk.exe -v).

Microsoft would like to thank our Gold Certified Partner - Shavlik
Technologies (www.shavlik.com/security) for developing the above
tools and making them available to our customers. Shavlik has
created advanced versions of each of these tools that are available
from their site. Of particular note is a version of HFNetChk that
includes a GUI front-end with HTML links to the related patches and
KBs, as well as other advanced options in their command-line version.

More details on HFNetChk are available in the following KB article:
http://support.microsoft.com/directory/article.asp?ID=kb;en-us;Q303215
.

Comments, questions, bugs, and feedback can be sent to
hfnetchkmicrosoft.com. Please review the KB article and frequently
asked questions (Q305385) and try running hfnetchk -v -z before
emailing support questions to this alias.

Thanks and enjoy,

Eric Schultze
Senior Technologist
Microsoft Corporation

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQEVAwUBO3rR+I0ZSRQxA/UrAQHpUwgAjpLTV4wKy9N+2wtqFZoHzsBaPFyxxcg9
wvw/8DxnCIq5JUf9+29lExtR7QPzMWVrOdxWl7aI+KKcWF43hH34FCPcF7ONrs6A
XoDZrJtiHrRsK+zvpVZ254YwlY6MjIs/08velTSVpK0KfXStI7F4Paka44tCT0WT
y/5L2DHdt5kAsHO0iJEqPwIvGOXKdRKAyKAz3n3oOE6LU3mYSnSat0ngdWpNaoUk
A0yNP3cMU/KRTr1mNWWtmDDxhZAgXZ1RQhjgcjim/AQ0Cz7sXy407Mcs/K+bGzOI
L2z2H426vYTh+ET7vXcyvyFxTCcSvg8VDb4+n75/lY+kkvSlCWO4xg==
=ka8O
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]