.NET Framework 3.5 SP1 Allows managed code to be launched from a network share!


This has got to be one of the most consistently asked for "features" of .NET from the start!     Download .NET Framework 3.5 Service Pack 1

Run off a network share with local permissions – You have voted and we have listened!  We have brought managed executables in line with native code executables in how they behave when run off a network share.  Yea!   

Vance has the full scoop.. If you want to send someone flowers for getting this done, it is Vance… he designed, coded, tested, cajoled, prodded, persisted and advocated strongly for the fix.

Download .NET Framework 3.5 Service Pack 1

Comments (19)

  1. Dirk says:

    Couldn’t this be done using CAS before?

  2. sambo says:

    I heard a lot of featured in .NET 3.5 SP1.

  3. netsam says:

    windows has enough problem with its owm. Now it adds more security venerability.

  4. John says:

    ".NET Framework 3.5 SP1 Allows managed code to be launched from a network share!"

    You make this sound like some great new feature.  It isn’t.  It’s a bug fix.  Yeah, I’m glad Microsoft fixed this, but it isn’t something you should be proud of.  Fixing this in 2008 doesn’t diminish your guilt for allowing this bug to exist for 5+ years.  How much pain has this caused your customers over that time?  Do we get some compensation for our aggravation?  This was not some technically difficult problem.  It was simply a bad design choice, which you persisted in and defended long after it was apparent to everybody else that it was wrong.

  5. Francois Ward says:

    I’m not sure I get it. This was always possible via CAS for those who wanted it. You could even push it as a policy via a domain, so you wouldn’t need to do it computer by computer…

    So I always thought it was a great design choice originally, since it is in line with the "secure by default, unlock the risks you want on your own" mindset which works quite well in the Unix world.

    So why exactly was the default changed? Or is this something more?

  6. Scott Bruno says:

    Yay, thank you Vance. In lieu of flowers please accept this beer []?

    For those of you wondering why this is a good idea, let me just say if this hasn’t been a problem for you then just be happy for the rest of us.

  7. Tester Bob says:

    If this "bug" wasn’t fixed before, then the world was not ready for it to be so.  Now it is.  We would not exist without Microsoft so show some respect.

  8. Does this work with existing applications or is a recompile needed?

  9. Followup to Jimmy’s questions, does this require an app target the 3.5 framework or will any old 2.0 app work?

  10. BradA says:

    JimmyAndrew — No, an existing application does not have to be recompiled or changed in any way to take advantage of this.   Your current 2.0 Applications will just work, you don’t have to target anything new in 3.5..

  11. Vincent says:

    Quoting Vance Morrison: "The problem is that failing to run managed code WHILE STILL ALLOWING UNMANAGED EXE’s to run, does not provide any security (because hackers will simply use unmanaged code)"

    Thanks god! And what’s next? CHM help files? If you follow the same logic I believe CHM files on a network share are not that much of a security problem…

  12. Gerry says:

    Installed  .NET Framework 3.5 Service Pack 1; NBC OLYMPICS site no longer played Silverlight video; then uninstalled SP1 and then OK again. (Playing Silverlight 2 Beta 2).

  13. Thanks for the confirmation. This makes the news even better!

  14. OPC Diary says:

    Brad Abrams : .NET Framework 3.5 SP1 All…

  15. BradA says:

    Gerry – I am sorry you have run into this issue… I personally have the same configuration and my machine works great.    One theory is that your user agent string might have gotten corrupted.  Type this into the browser address bar and send me the results (brada@microsoft.com).

    javascript:document.write("<br/>userAgent string:"+navigator.userAgent+"<br/>");

  16. On 8/15/2008, I sent you this message:

    Installed  .NET Framework 3.5 Service Pack 1; NBC OLYMPICS site no longer played Silverlight video; then uninstalled SP1 and then OK again. (Playing Silverlight 2 Beta 2).

    You responded with your suggestion that User Agent string was the problem.

    Finally, I received notice that IE does have a bug. You can see the response at Microsft Connect, Bug ID 362923.

    Thanks for you great help.

  17. 【原文地址】 .NET Framework 3.5 SP1 Allows managed code to be launched from a network share! 【原文发表日期】 13 August

  18. Seth says:

    @netsam:

    You just made my day: "… security venerability"

    ROTFL

    I hope that was an intended typo, in which case you get the full bonus points!