.NET Framework 1.1 Security

B

Byron Boudreaux

I have a customer who is adamant about not installing the .NET framework on
their XP machines because of security concerns. But this means they can't
run alot of the new management tools such as Group Policy Management
Console, SONAR, Ultrasound, NTFRSDiag, and I am sure many others. Does
anyone have any guidance on this issue? What vulnerabilities are exposed by
installing the framework? How can these vulnerabilities be mitigated
without losing the functionality of these tools?
 
P

Peter van der Goes

Byron Boudreaux said:
I have a customer who is adamant about not installing the .NET framework on
their XP machines because of security concerns. But this means they can't
run alot of the new management tools such as Group Policy Management
Console, SONAR, Ultrasound, NTFRSDiag, and I am sure many others. Does
anyone have any guidance on this issue? What vulnerabilities are exposed by
installing the framework? How can these vulnerabilities be mitigated
without losing the functionality of these tools?
Click to expand...
I'm curious about your customer's assertion.
Do any specifics go with it? If not, you have a real challenge on your
hands.
If you don't get some good leads here, you might consider posing this
question in:

microsoft.public.dotnet.security
 
R

Richard Grimes [MVP]

Byron said:
I have a customer who is adamant about not installing the .NET
framework on their XP machines because of security concerns. But
this means they can't run alot of the new management tools such as
Group Policy Management Console, SONAR, Ultrasound, NTFRSDiag, and I
am sure many others. Does anyone have any guidance on this issue?
What vulnerabilities are exposed by installing the framework? How
can these vulnerabilities be mitigated without losing the
functionality of these tools?
Click to expand...

So your customer does not want to take advantage of the increased security
that .NET offers with code access security, assmbly signing (to prevent
tampering) and quarantining of downloaded code. How odd, they've got a
strange attitude to security. Take my advice, don't connect your laptop to
their network! ;-)

Richard
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

MMC could not create the snap-in ".NET Framework 1.1 Configuration 1
Framework Config Security 4
install .NET framework 2.0 1
Can ISVs redistribute .NET Framework 1.1 SP1? 7
Net Framework Issues 1
.NET Framework 1.1 and .NET Framework 1.1 Hotfix (KB886903)? 0
installing .Net Framework on servers 5
.NET Framework 1.1 Configuration won't launch 4

Top