Here it is people, Microsoft Baseline Security Analyzer 1.1. (Seriously, would it kill them to get a shorter name? -Ed). Oh, and thanks primortal for posting about this in our BPN forum.
As part of Microsoft's Strategic Technology Protection Program, and in response to direct customer need for a streamlined method of identifying common security misconfigurations, Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA). Version 1.1 of MBSA includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows 2000 and Windows XP systems and will scan for common security misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer (IE) 5.01 and later, and Office 2000 and 2002. MBSA also scans for missing security updates for Windows NT 4.0, Windows 2000, Windows XP, IIS, SQL, Exchange, IE, and Windows Media Player.
Download: MBSA 1.1