When it comes to security, once of the most important things is the operating system security. The client and server operating systems need to be fully patched and secure on a regular basis and it should be part of the responsibilities of a security administrator. Talking about Windows operating systems, there is this feature called Windows Automatic Update that you must turn on to let it automatically receive and install critical or non-critical updates from the Microsoft update website. This feature has been there since Windows 98 and has had a lot of improvements over the years.
Apart from this feature, Microsoft has a really great tool which needs to be downloaded and installed from here and it is called Microsoft Baseline Security Analyzer. This tool is a type of vulnerability scanner which can scan Windows servers and computers and find security miss-configurations and problems and report them to you. Then you will take necessary actions to eliminate those security vulnerabilities.
Using MBSA 2.2 which is the latest version of this tool, you can look for the missing updates in the versions of windows being scanned and this tool will also detect security miss-configurations on some of Microsoft software and services installed on Windows. You can see a list of those software that are checked during the scan on the page I mentioned above.
There are so many other security vulnerability scanners too but this one is only designed for Microsoft Windows operating systems. Below is a few more security scanner tools that you can use: