Article ID: 317399
When you install Microsoft .NET Framework 1.0 Service Pack 1 (SP1), the installation automatically sets a new defult policy that replaces the previous security policy that was in effect. The change in default security policy does not permit managed code that was downloaded from the Internet zone to run (as configured on the Security tab under Internet Options in Microsoft Internet Explorer). Previously, this code was permitted to run with a limited set of permissions roughly analogous to the permissions that script on a Web page would have within the browser. This is the only change. Use the Microsoft .NET Framework Configuration tool (Mscorcfg.msc) to review security policy to ensure that it is appropriate for your situation.
For additional information, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/318836/EN-US/ )INFO: How to Obtain the Latest .NET Framework Service Pack
If you have configured security policy for the machine level, that policy will be saved before any change is made. To restore security policy to the previous configuration, use the following command:
Note that you must recover the previous security policy before you make additional changes to security policy, because only the most recent (previous) security policy information is saved.
If you have already configured enterprise-level or user-level security policy, this change may also affect how security policy works, because policy configurations of all levels intersect to compute the resulting allowable permissions.
If you want to keep your customized machine-level security policy configuration and merge this change for the Internet zone, use the following procedure. Note that if you have already configured the Internet zone, this procedure will override that configuration.
Article ID: 317399 - Last Review: June 19, 2014 - Revision: 4.0