Baseline Security Advisor and XPe

[Ralph Wiggum]

Are they compatible? I want to ensure my XPe image is as secure as
possible, with the latest patches etc.,.

 

[Heidi Linda eMVP]

Are they compatible? I want to ensure my XPe image is as secure as
possible, with the latest patches etc.,.

If that's a remote scanner, then it should tell you if there's any
vulnerabilities, certainly, but if it has to be run on the client, then
it might not be able to run, depending on which components you have in
your image.
You can use Device Update Agent to keep your image's patches up to date.

 

[Doug Hoeffel]

Ralph:

I think Heidi is correct, the MS Baseline Security Analyzer runs on the
client so hopefully it will install and run for you.

The remote network security scanner that I use is eEye Retina. Check out
http://www.eeye.com/html/Products/Retina/index.html

HTH... Doug
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Have an opinion on the effectiveness of Microsoft Embedded newsgroups? Tell
Microsoft!
https://www.windowsembeddedeval.com/community/newsgroups
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[Robert]

Ralph,

I ran it on my XPE image so you should be fine. It
doesn't really tell you much more than what you should
already know though. It is pretty basic.

Robert

 

[Andy Allred [MS]]

MBSA can return false positives, it doesn't know how to handle the case
where it thinks you have a vulnerability because the feature wasn't even
installed. This is a known issue with MBSA, we're working with the security
team to understand how MBSA can handle that case and not freak out the IT
people when they're scanning embedded devices.

The issue with MBSA is that it will offer to install updates for you off of
the WindowsUpdate site which is a definite problem for you if you let it do
that since WU has no knowledge of XPe, either. The WU issue will be
addressed for Longhorn.

So generally, you can use MBSA as long as you're smart about interpreting
the results and take all the caveats into account.

Andy