The Microsoft Baseline Security Analyzer (MBSA) version 2.3 has been released to provide support for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. You should consider upgrading to this newest version before running additional security scans.

MBSA is a tool that compares the PC patch status against what is currently available in Windows Update and will provide a list of missing security updates, rollups, and service packs. It can also determine common security misconfigurations for supported versions of Windows, Internet Information Server, SQL Server, Internet Explorer, and Office.

MBSA can be run using the GUI or through a command-line (MBSACLI) which includes a huge number of command-line options for automation. It can be run against a single computer or multiple computers.

Note that Windows 2000 is no longer be supported with this release.

Despite the download page still stating that it is version 2.2, I can confirm that this truly is the 2.3 release. The Microsoft download page's title and content just haven't been updated yet.

You can download it from here: Microsoft Baseline Security Analyzer 2.3 (for IT Professionals)


P.S. While MBSA is a great tool to catch potential security problems through patch scanning, you will also want to utilize the Enhanced Mitigation Experience Toolkit (recently updated to version 4.1) to stop attacks, should they happen. Read about that here: Enhanced Mitigation Experience Toolkit Updated to Version 4.1