Using MBSA 2.2 getting error 'Cannot load security CAB file" when attempting to scan any remote systems

Could scan all remote servers previously from same sources and version.  Replaced/updated all cabs and other files associated (C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\Cache) with no change.  Removed/re-installed MBSA 2.2 with not effect.

Local scans appear to function fine, but do not wish to download MBSA on EVERY system we need to scan.

Settings for remote scan are: Check for security updates>Configure computers for Microsoft Update and scanning prerequisites>Advanced Update Services options:>Scan using Microsoft Update only

Have attempted from different systems/OS's, with same results.  Checked firewall for any blocked traffic from both host and scanner, no entries.

Checked Technet/blogged for about two hours, without any positive results. Please advise/assist.

Regards,

 

AJ Lebeau

MCSE, MCP, MCP+I, CNA, ACNA, A+

Server Administrator

Progenics Pharmaceuticals

alebeau@progenics.com

(914) 789-4558

 

May 11th, 2011 9:59pm

Thank you for sending this to the MBSA forums!

If you haven't already, you may want to check the MBSA FAQ located here: http://technet.microsoft.com/en-us/security/cc184922 specifically under the sections titled, "How can I scan a computer that is protected by a firewall" (to resolve potential DCOM connectivity issues), and "When attempting to scan a remote machine, why do I see the error 'Cannot deploy security metadata?"

This is also a very misleading error message since the problem could be due to connectivity to the target (client) machines - nothing relating to the CAB file.  In any circumstance, you should not need to install MBSA on all of the target machines to successfully assess their security state. 

 

Possible solutions include

  1. Confirm the latest WUA client is installed on all target machines (with the files you've already placed in the cache directory, you can simply check the scan option to "Configure computers for Microsoft Update and scanning prerequisites" - which will update and re-register each target machine with the latest WUA client and the ability to respond to requests from MBSA.
  2. Check whether the target machines have limited disk space (unlikely)
  3. Check DCOM settings on both the server - but more likely due to the failure to remotely scan - the target machines.
  4. Change the scan options to further troubleshoot.  Specifically, 'Check for security updates' option uses a DCOM connection to the target WUA client while the other scan settings 'Check for weak passwords, etc." use specific UDP/TCP ports as indicated in the System Requirements section of the MBSA help file and the MBSA FAQ.  Also use the 'Advanced Update Services options' to determine whether WSUS connectivity may be at issue.

Please let me know if that helps.

Free Windows Admin Tool Kit Click here and download it now
May 12th, 2011 4:42am

HI All,

I've found the same problem on an "hardened military system", this system has the "Windows Update Service" disabled.

When I've re-enabled and started this service, the error gone away. However you need to use or the command line to specify the latest downloaded .cab file and put it in the %username%\appdata\local\Microsoft\mbsa\cache directory.

my 0,1ents

Mr.Chichio

October 3rd, 2012 1:05pm

Hi all

i have this problem too, i have clone all my system and tried the offline scan but couldnt, and tried different way to fix it

i found out in my Domain Controller i have an group policy that it have connection to an WSUS, so when i have remove from connection to wsus (because i want it offline) it works scanning

Free Windows Admin Tool Kit Click here and download it now
September 16th, 2013 1:48pm

I also had same issue i.e 'Cannot load security CAB file" but i was not trying to scan a remote computer instead i was scanning the local server, It was found the admin was just renamed prior scanning the server for MBSA i.e the RDP session was using the old local admin name i.e Administrator..

Once logged off and logged in with the new credentials, i was successfully able to take the MBSA scan of the said server..

I know the chances for someone facing the same as issue are rare, But anyway thought to share it incase anyone tends to lend in same situations as mine ;-)

December 24th, 2014 10:10am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics