Vulnerability Assessment

Vulnerability assessment is the process of identifying, quantifying, and prioritizing (ranking) the vulnerabilities in a system. Its input is what you learned during enumeration (open ports, service names and version strings); its output is a ranked list of weaknesses to verify in the exploitation phase.
There are two methods for vulnerability assessment:
1. Manual - take the service names and version strings you enumerated and look them up in a search engine or on exploit-db to find known bugs and public exploits for those exact versions.

2. Auto - run a vulnerability scanner such as Nessus or OpenVAS, which does the version matching, and in some cases an active check, for you.
Now I will show you how to use Nessus to scan our Windows target.
First, install Nessus; you can find an installation tutorial here: http://www.fuzzysecurity.com/tutorials/8.html
Then launch Nessus, click Add Scan, give the scan any name, put the target's IP address in the Scan Targets field and click Launch Scan.
After Nessus has finished scanning the target, go to the Reports tab and double-click the scan, and tadaa...!! your target's vulnerability info is already there. Treat each finding as a candidate rather than a fact: scanners mostly match on version banners and do report false positives, so verify a finding before you build on it.
You can also use nmap to check for SMB vulnerabilities with --script=smb-check-vulns. Be careful with --script-args=unsafe=1: the regsvc DoS and SMBv2 DoS checks only run when that argument is set, and on an unpatched host they will crash the service (or the whole machine), so only use it against a target you are allowed to break. In Nmap 7 and later smb-check-vulns was removed and replaced by separate smb-vuln-* scripts (smb-vuln-ms08-067, smb-vuln-conficker, smb-vuln-cve2009-3103, smb-vuln-regsvc-dos, smb-vuln-ms06-025, smb-vuln-ms07-029), whose output is laid out differently.
root@bt:~# nmap --script=smb-check-vulns --script-args=unsafe=1 192.168.56.2

Starting Nmap 6.25 ( http://nmap.org ) at 2012-12-22 02:33 WIT
Nmap scan report for 192.168.56.2
Host is up (0.00038s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
139/tcp  open   netbios-ssn
445/tcp  open   microsoft-ds
2869/tcp closed icslap
MAC Address: 08:00:27:BC:C5:4A (Cadmus Computer Systems)

Host script results:
| smb-check-vulns: 
|   MS08-067: VULNERABLE
|   Conficker: Likely CLEAN
|   regsvc DoS: NOT VULNERABLE
|   SMBv2 DoS (CVE-2009-3103): NOT VULNERABLE
|   MS06-025: NO SERVICE (the Ras RPC service is inactive)
|_  MS07-029: NO SERVICE (the Dns Server RPC service is inactive)

Nmap done: 1 IP address (1 host up) scanned in 10.22 seconds
root@bt:~# 
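
The quantifying and prioritizing part of the assessment is easy to skip when you only have one host, but it matters as soon as you scan a subnet. The script below is an added example (not code from the original post or from the Nmap project): it parses nmap's normal output, in the one-line-per-check layout the smb-check-vulns transcript above uses (save it with nmap -oN scan.txt), pulls out the open ports and the per-check verdicts, and sorts the checks worst-first. The sample input is the scan above, embedded as a constructed string; the VERDICT_RANK ordering is my own choice, and the parser does not understand the multi-line "State:" layout the newer smb-vuln-* scripts print.

```python
import re

# Constructed sample input: the smb-check-vulns transcript from the post,
# as nmap -oN would save it (the shell prompt lines are not part of the file).
SAMPLE_SCAN = """\
Starting Nmap 6.25 ( http://nmap.org ) at 2012-12-22 02:33 WIT
Nmap scan report for 192.168.56.2
Host is up (0.00038s latency).
Not shown: 997 filtered ports
PORT     STATE  SERVICE
139/tcp  open   netbios-ssn
445/tcp  open   microsoft-ds
2869/tcp closed icslap
MAC Address: 08:00:27:BC:C5:4A (Cadmus Computer Systems)

Host script results:
| smb-check-vulns:
|   MS08-067: VULNERABLE
|   Conficker: Likely CLEAN
|   regsvc DoS: NOT VULNERABLE
|   SMBv2 DoS (CVE-2009-3103): NOT VULNERABLE
|   MS06-025: NO SERVICE (the Ras RPC service is inactive)
|_  MS07-029: NO SERVICE (the Dns Server RPC service is inactive)

Nmap done: 1 IP address (1 host up) scanned in 10.22 seconds
"""

# My own ranking of script verdicts (assumption, not an nmap convention):
# lower sorts first. Verdicts not listed here (e.g. "ERROR") get the
# middle rank so they end up in the part of the list you review by hand.
VERDICT_RANK = {
    "VULNERABLE": 0,
    "LIKELY VULNERABLE": 1,
    "UNKNOWN": 2,
    "LIKELY CLEAN": 3,
    "NOT VULNERABLE": 4,
    "NO SERVICE": 5,
}

SCRIPT_HEADER = re.compile(r"\|_?\s*([\w-]+):\s*$")          # "| smb-check-vulns:"
CHECK_LINE = re.compile(r"\|_?\s+(.+?):\s+(.+)$")             # "|   MS08-067: VULNERABLE"
PORT_LINE = re.compile(r"(\d+)/(tcp|udp)\s+(\w+)\s+(\S+)")    # "445/tcp  open   microsoft-ds"
HOST_LINE = re.compile(r"Nmap scan report for (\S+)")


def parse_nmap_normal(text):
    """Parse nmap -oN output into {host: {"ports": [...], "checks": [...]}}.

    ports  -> list of (port, proto, state, service)
    checks -> list of {"script", "check", "status", "detail"}
    """
    hosts = {}
    current = None   # host whose section we are in
    script = None    # NSE script whose "|" block we are in
    for line in text.splitlines():
        m = HOST_LINE.match(line)
        if m:
            current = m.group(1)
            hosts[current] = {"ports": [], "checks": []}
            script = None
            continue
        if current is None:
            continue
        m = PORT_LINE.match(line)
        if m:
            hosts[current]["ports"].append(
                (int(m.group(1)), m.group(2), m.group(3), m.group(4)))
            continue
        # "| name:" opens a script block; "|_" marks the block's last line.
        m = SCRIPT_HEADER.match(line)
        if m:
            script = m.group(1)
            continue
        m = CHECK_LINE.match(line)
        if m and script:
            name, verdict = m.group(1), m.group(2)
            # Drop a trailing explanation such as "(the Ras RPC service is inactive)".
            status = re.sub(r"\s*\(.*\)\s*$", "", verdict).upper()
            hosts[current]["checks"].append(
                {"script": script, "check": name, "status": status, "detail": verdict})
        if line.startswith("|_"):
            script = None
    return hosts


def open_ports(hosts, host):
    """Open ports for one host, as (port, proto, state, service) tuples."""
    return [p for p in hosts[host]["ports"] if p[2] == "open"]


def prioritize(hosts):
    """All checks across all hosts, worst verdict first:
    (host, script, check, status, detail)."""
    rows = []
    for host, data in hosts.items():
        for c in data["checks"]:
            rank = VERDICT_RANK.get(c["status"], VERDICT_RANK["UNKNOWN"])
            rows.append((rank, host, c["script"], c["check"], c["status"], c["detail"]))
    rows.sort()
    return [r[1:] for r in rows]


if __name__ == "__main__":
    scan = parse_nmap_normal(SAMPLE_SCAN)
    for host in scan:
        print(host, "open:", [f"{p[0]}/{p[1]} {p[3]}" for p in open_ports(scan, host)])
    for host, script, check, status, detail in prioritize(scan):
        print(f"{status:15} {host:15} {script}/{check}  ({detail})")
```

Running it on the sample prints MS08-067 VULNERABLE on the first line and the two NO SERVICE entries last, which is the order you want to work through in the exploitation phase. For a real engagement feed it the -oN file of a whole range scan; every host gets its own section, and prioritize() merges them into one list.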

Now you can try to exploit the target using the vulnerability information, starting with the highest-ranked finding (here MS08-067, which the script reports as VULNERABLE).
