Acknowledgement. The following information came from the SQLskills Insiders #167 newsletter (Paul S Randal).

Microsoft has released SQL Server Management Studio 17.4, which is the latest standalone version of SSMS. This version of SSMS is completely free, and is officially supported for SQL Server 2008 and newer, and for Azure SQL Database. It runs on x64 versions of Windows 7 SP1 and Windows Server 2008 R2 and newer. SSMS 17.4 has a very significant new feature called “Vulnerability Assessment”, which lets you scan your databases for vulnerabilities and deviations from security best practices. You can get to this feature by right-clicking on a database in Object Explorer, selecting Tasks, selecting Vulnerability Assessment, and then selecting Scan for Vulnerabilities. The resulting scan is pretty quick, and it exposes a lot of information about what it is scanning for and what it finds, including the actual T-SQL to correct many of the issues that it finds. Vulnerability Assessment only works on SQL Server 2012 and newer instances. This new feature makes SSMS 17.x even more valuable. I think it is far superior to legacy versions of SSMS, and you should probably start using it to manage even your legacy versions of SQL Server, rather than using the version of SSMS that is part of your legacy version of SQL Server.