Friday, December 06, 2002

MS Security Baseline Analyzer Results:

| Scan | Category | Score | Issue | Result |
|---|---|---|---|---|
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Windows Hotfixes | 5 hotfixes are missing or could not be confirmed. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Password Expiration | Some user accounts (19 of 31) have non-expiring passwords. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | File System | All hard drives (6) are using the NTFS file system. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Local Account Password Test | Some user accounts (1 of 31) have blank or simple passwords, or could not be analyzed. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Guest Account | The Guest account is disabled on this computer. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Autologon | Autologon is not configured on this computer. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Restrict Anonymous | Computer is running with RestrictAnonymous = 2. This level prevents access to any resources that do not have explicit permissions set for the Anonymous account. |
| Windows Scan Results | Vulnerabilities | Check failed (critical) | Administrators | No more than 2 Administrators were found on this computer. |
| Windows Scan Results | Additional System Information | Check failed (critical) | Auditing | Logon Failure auditing is enabled, however Logon Success auditing should also be enabled. |
| Windows Scan Results | Additional System Information | Additional information | Shares | 8 share(s) are present on your computer. |
| Windows Scan Results | Additional System Information | Check failed (critical) | Services | Some potentially unnecessary services are installed. |
| Windows Scan Results | Additional System Information | Additional information | Windows Version | Computer is running Windows 2000 or greater. |
| Internet Information Services (IIS) Scan Results | Vulnerabilities | Check failed (critical) | Parent Paths | Parent paths are enabled in some web sites and/or virtual directories. |
| Internet Information Services (IIS) Scan Results | Vulnerabilities | Check failed (critical) | Sample Applications | IIS sample applications are not installed. |
| Internet Information Services (IIS) Scan Results | Vulnerabilities | Check failed (critical) | IIS Admin Virtual Directory | IISADMPWD virtual directory is not present. |
| Internet Information Services (IIS) Scan Results | Vulnerabilities | Check failed (critical) | Msadc and Scripts Virtual Directories | The MSADC and Scripts virtual directories are not present under the default web site. |
| Internet Information Services (IIS) Scan Results | Vulnerabilities | Check failed (critical) | IIS Lockdown Tool | The IIS Lockdown tool has been run on the machine. |
| Internet Information Services (IIS) Scan Results | Vulnerabilities | Check failed (critical) | IIS Hotfixes | No missing hotfixes were found. |
| Internet Information Services (IIS) Scan Results | Additional System Information | Best practice | IIS Logging Enabled | Some web or FTP sites are not using the recommended logging options. |
| Internet Information Services (IIS) Scan Results | Additional System Information | Best practice | Domain Controller Test | IIS is not running on a domain controller. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Exposed sa Password | The 'sa' password may be exposed in clear text. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | SQL Account Password Test | Some SQL user accounts (1 of 5) have blank or simple passwords. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | SQL Server Security Mode | SQL Server authentication mode is set to SQL Server and Windows (Mixed Mode). |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | SQL Server Hotfixes | 3 hotfixes could not be confirmed. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Sysadmin role members | BUILTIN\Administrators group is part of sysadmin role. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Sysadmins | More than 2 members of sysadmin role are present. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Service Accounts | SQL Server and/or SQL Server Agent Services accounts are members of the local Administrators group or run as LocalSystem. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Domain Controller Test | SQL Server is not running on a domain controller. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | CmdExec role | CmdExec is restricted to sysadmin only. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Registry Permissions | The Everyone group does not have more than Read access to the SQL Server registry keys. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Folder Permissions | Permissions on the SQL Server installation folders are set properly. |
| SQL Server Scan Results | Vulnerabilities | Check failed (critical) | Guest Account | The Guest account is not enabled in any of the databases. |
| Desktop Application Scan Results | Vulnerabilities | Check failed (critical) | IE Zones | Internet Explorer zones do not have secure settings for some users. |
| Desktop Application Scan Results | Vulnerabilities | Check failed (critical) | Outlook Zones | No Microsoft Office products are installed |
| Desktop Application Scan Results | Vulnerabilities | Check failed (critical) | Macro Security | No Microsoft Office products are installed |
