Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Built on the Windows Update Agent and Microsoft Update infrastructure, MBSA ensures consistency with other Microsoft management products including Microsoft Update (MU), Windows Server Update Services (WSUS), Systems Management Server (SMS) and Microsoft Operations Manager (MOM). Apparently MBSA on average scans over 3 million computers each week.
For downloads and more information,
visit the MBSA homepage.
Really only seems to check things are "up to date" with reasonable settings. Does not appear to be capable of actually testing the system. It wrongly claims that not having ".NET" installed is a vulnerability, even when the server has absolutely no need for ."NET". If you then install ".NET" in order to remove this hoax vulnerability and re-run, it will then claim there are approx. 100 new vulnerabilities to fix!