The vulnerability scanner writes activity to a log file called VulnerabilityAssessment.log, which is stored in the SMS client computer in the %Windir%\system32\ccm\logs folder. It contains information such as the command-line arguments used to invoke the SMS 2003 R2 Scan Tool for Vulnerability Assessment and command-line MBSA arguments.

If a failure occurs in a program, it returns failure status files that are associated with the failure. These files are returned in the Management Information Format (MIF), which can be reviewed in the status message system. For more information about using the status message system, see the "Using the SMS Status System" section of the SMS 2003 Operations Guide available at the Microsoft Systems Management Server Product Documentation Web site (http://go.microsoft.com/fwlink/?linkid=9502).

The following four MIF errors require additional explanation:

• The scan tool for Vulnerability Assessment could not load the vulnerability assessment configuration file AssessmentConfig.XML. For more information, see the scan tool's Deployment Guide.
  
  This message might mean that the AssessmentConfig.xml file is missing from the PkgSource directory. Run Setup again to repair the current installation and replace the xml file with a new copy.
  
  
• Failed to compile MOF definition file VulnerabilityAssessment.MOF. For more information, see the scan tool's Deployment Guide.
  
  Look for errors in the VulnerabilityAssessment.log. As the mof file is compiled, mofcomp.exe sends any error messages to that log file. This message might indicate a failure to access the WMI namespace \\root\ccm.
  
  
• Unable to load and verify the results generated by Microsoft Baseline Security Analyzer. For more information, see the scan tool's Deployment Guide.
  
  After MBSA has completed the vulnerability scan, the Scan Tool for Vulnerability Assessment verifies the results using two files, checks.csv and details.csv, which are located in the MBSA installation directory. If the verification fails, you see this message. Run the scan tool again to see whether the verification fails a second time. If verification fails again, examine the .csv files for error messages. You can also reinstall MBSA.
  
  
• Unable to store results to WMI. For more information, see the scan tool's Deployment Guide.
  
  This error message indicates that the Scan Tool for Vulnerability Assessment could not write to the namespace root\ccm\VulnerabilityAssessment and create the WMI classes that store the MBSA results. Verify that there is enough disk space on the client to create the WMI information. Look for mofcomp errors in the VulnerabilityAssessment.log.
  
  

Concepts