For anyone else that has this problem, it's a known issue with MBSA and
I reviewed your files and have confirmed your issue to be the same as the
"known" issue. A Windows 2008 server fix will be announced when it is
released. No ETA is available.
While it is regrettable that in this instance we have been unable to provide
you with a requested solution at this time, we hope that your continued
partnership will allow us to work together through future challenges as they
may arise. As with each customer we work with, it is always our objective to
provide the very best supported software possible.
The case will be set to a decrement type of “non-decrement” and thus, will
NOT be charged against your Software Assurance agreement.
At this time, as there is no other escalation channel for this issue, I will
conclude this case today.
It was my pleasure working with you. Please let me know of any feedback
you would like to convey to us on your overall experience with Microsoft
Customer is running MBSA.
Customer is seeing "1721" errors on the MBSA scan results for weak passwords
when scanning on Win2008 machines.
No workaround available at this time. Hotfix and/or SP to be released in
Post by Shawn Martin
MBSA was installed on a few different 2008 servers. Some had been up and
running for a few months, others were just installed this week.
On every server, I didn't have a previous version of MBSA installed.
The network team here wanted server administrators to run MBSA on
applications to ensure things like passwords are strong. The tools runs fine
on the 2003 servers, but throws the weak password error on the 2008 boxes.
The issue is definitely odd, so I'll set up another 2008 server from scratch
and see if it still happens.
Post by 1PW Post by Shawn Martin
MBSA was downloaded and installed directly from the Microsoft Download Center
onto each server, on separate days. The download was a direct download that
didn't go through a proxy server and anti-virus was disabled on the servers
Any other suggestions?
Do you ever remember this MBSA 2.1 version working OK in your shop?
If so, I'm wondering if a subsequent MS update has broken something?
Do you regularly run MBSA on a scheduled basis, or is it run on
Although "FTR" suggests a linkage to password strength, I'm guessing a
zero-length password is being mistakenly passed to MBSA for
evaluation, if indeed MBSA itself does the evaluation. But hey - I'm
just pulling this out of the air.
Warm regards Shawn,