Windows Pre-OS Hardening Procedures

Run a Vulnerability scan on the system in question as well as a virus scan using any or all of the following:

Once you have ensured the server is not compromised proceed with the following:

  • Install only options/services required
  • Install latest OS service patches as recommended at

  • Install all needed "critical updates"
  • Install all needed "Windows OS updates"
  • If office is installed Install latest Office updates as recommended at

  • Run Microsoft Baseline Security Analyzer (MBSA) that can be found at