dbx34
thumbs down from:
ghost16825 
|  Is MS .NET Freamework 1.1 safe to install?
I noticed it has a service pack 1, so it must be vulnerable, or was, in any case what are your opinions on it? Safe to install or not? I'm running XP sp2. Thanks for your advice. |
|
tls663
Premium
join:2004-01-30
canada
1 edit | Yes, well relatively, but there are a few critical updates to fix it after initial install, but a question is what are you planning to use it for once installed?
edit: Also note, that there has been some flaws found in the past, and may yet be some found, like any other M$ product, sooner or later someone will find a way to exlploit it. |
|
redxii
too big to fail
Premium,Mod
join:2001-02-26
Texas
Host:
/dev/null
Broadband Tweaks
Suddenlink
ISDN
Fiber Optic
| said by tls663 :like any other M$ product You mean like any other software made by man? No exceptions in this world. |
|
tls663
Premium
join:2004-01-30
canada
| Perhaps I was giving a jab to microsoft, but when you are as big as them, with as many rigs running their code, its bound to be hacked long before other products. An example of this is Mac Os X, its likely there are security flaws in it that are undiscovered, but no-one will invest their time in exploiting it if its only on a smaller percentage of machines will they, so far this has worked in apple's favor. |
|
SvS
join:2001-04-15
Germany
| reply to dbx34
said by dbx34:
I noticed it has a service pack 1, so it must be vulnerable, or was, in any case what are your opinions on it? Safe to install or not? If I remember right SP1 for .NET 1.1 contains fixes for the JPEG vulnerability found in gdiplus.dll, generally it's bug fix release only. After installation it you'll may notice that there is one Hotfix waiting to be installed which fixes an information disclosure vulnerability in ASP.NET. |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| reply to dbx34
I have had the .NET Framework since it was in beta back in 2001 (I think it was) and then became version 1. That was on my 98SE box and I have put the various service packs and upgrades on that box over the ensuing years and, of course, have .NET framework on XP. Version 1.1 came installed on this Dell.
I got the .NET framework so early because my Cookie Crusher application, when upgrading from version 2.6 to 3.0, decided to go with .NET framework which was a major change. I was a beta tester for The Limit Software. That application was one of the first to utilize the .NET framework. Since then many others have such as Dell and MS Passport and others. It is becoming almost essential to have it.
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus |
|
ghost16825
Use security metrics
Premium
join:2003-08-26
|  reply to dbx34
said by dbx34:
I noticed it has a service pack 1, so it must be vulnerable, or was, in any case what are your opinions on it? Safe to install or not? I'm running XP sp2. Thanks for your advice.
What are you implying here?
It sounds like you're saying that any application which has vulnerabilities is "unsafe" to use in any form for any use, regardless of whether the vulnerabilities have little chance of being exploited through 'normal' use. Any software with security vulnerabilities is therefore in the same class as general malware - 'unsafe' to install. That's what your question seems to be saying.
At first I would have dismissed you as being a troll, dbx34. But perhaps these views are now widespread. Is this what widespread fear, security industry FUD, irrationality and paranoia has come to?
*Leaves thread in discust*
--
Admin of the Kerio 2x-like open source project:
http://sourceforge.net/projects/kerio/
http://kerio.sourceforge.net/
|
|
GKJUG
@algx.net |  reply to dbx34
Yes, it's safe. I've had .NET Framework on my machine for months with no issues.
|
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| Well, I've had it on both my 98SE box and the XP box for many years with no problems. Didn't you read my post? The fact that you have had it for a few months with no problems doesn't mean much. But I've had it for years with no problems. I too wonder if the OP is a troll because who would be afraid to install a MS application like this that has become almost essential?
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus |
|
KachiWachi
join:2004-02-12
PA, USA | The thing is...what software (that the average PC user might have) uses .NET Framework? |
|
Mele20
Premium
join:2001-06-05
Hilo, HI
| The AVERAGE PC user might have Hotmail. MS Passport requires .NET framework. All recent (2003 on) Dell computers come with it installed because Dell requires it. I do believe a fair number of AVERAGE users buy Dell computers these days. Maybe very few users with XP use any third party software for cookie control but I'm sure that some of those that still have W98/ME do and they are not all advanced users. I was a beginner when I bought Cookie Crusher that uses it. It was the first software I bought. There is lots of software average users may use that requires it.
--
Around 2005 a sudden spark will catalyze a Crisis mood. The very survival of the nation will seem to be at stake.Sometime before 2025, America will pass through a great gate in history. The risk and promise will be very high. The Fourth Turning Wm. Straus |
|
SvS
join:2001-04-15
Germany
| reply to KachiWachi
said by KachiWachi :The thing is...what software (that the average PC user might have) uses .NET Framework? A few, among them are: nLite, Microsofts Raw Image Support Powertoy for XP, the Media Center in XP Media Center Edition, Powerquests last version of DriveImage (not sure about Symantec Ghost 9 but since it's just a rebranded DriveImage with a LiveUpdate menu item, I guess it uses the .NET Framework too) , parts of my own software and nobody knows what Beta 2 of Microsoft AntiSpyware may bring. In addition the new ATI Catalyst Control Center requires the .NET Framework and so some OEM's ship their systems with the .NET Framework preinstalled. Dell built their management software on-top of it so every new Dell system should come with the .NET Framework installed. |
|
Martinus
Premium
join:2001-08-06
EU
| reply to Mele20
said by Mele20 :The AVERAGE PC user might have Hotmail. MS Passport requires .NET framework. Hotmail doesn't require the .Net Framework installed on your PC to access it. You can access Hotmail with your browser, and the Passport login is done via https in a browser.
I can say that because:
a) I have a Hotmail account and
b) I don't have .Net framework installed
--
From the GSV "Ethics Gradient" |
|
SvS
join:2001-04-15
Germany
| reply to Mele20
said by Mele20 :The AVERAGE PC user might have Hotmail. MS Passport requires .NET framework. No it does not, at least not on the client side. The myth that Passport may have anything to do with the .NET Framework originates from the time this technology was called .NET Passport. Microsoft branded a lot of things with .NET at that time (namely Windows .NET Server which became Windows 2003) but they changed their minds later on. |
|
KachiWachi
join:2004-02-12
PA, USA
| reply to dbx34
It doesn't sound to me like a whole lot of software uses it... 
I have not downloaded it just for that reason...if I have no use for it, why install it?
I was just curious about the package...that's all. Thanks! |
|
Ray
Mahnahmahna
Premium
join:2001-04-02
Mesa, AZ
| I think you've figured it out. I develop some software at work for .NET (C#), but I don't have the framework installed on my home computer because I don't use any programs that require it. If you don't have any programs that are using it, it's just taking up (lots of) space on your hard drive.
--
ON DELETE CASCADE |
|
Feets
Premium
join:2002-12-11
Hamilton, ON
 ·Cogeco Cable
| reply to dbx34
Everyone will have it eventually. More and more software is being written for it, mostly in the corporate realm right now, but it will trickle over to the home market as well.
From a security standpoint this is probably a good thing. It's a lot harder for developers to write code that is susceptible to buffer-overruns and other memory misuse related security problems when they develop on the .NET framework. |
|
Tony_W
join:2004-11-01
1 edit | reply to KachiWachi
said by KachiWachi :The thing is...what software (that the average PC user might have) uses .NET Framework? Access Manager - »www.accessmanager.co.uk - for example, uses the .NET Framework. It used to run without it until they decided to change the codebase utilising this.
Quite a few freeware programs, such as the one mentioned, have switched to using .NET Framework. It's up to the user if they wish to continue using said programs or seek alternatives that don't use .NET Framework. |
|
hpguru
Curb Your Dogma
Premium
join:2002-04-12 | reply to dbx34
I have had .NET Framework installed since its first release and have never had an issue with it. |
|
ElJay
join:2004-03-17 | reply to dbx34
I develop software on the .NET Framework and it seems to do its job quite well, but there's no reason to install it unless you have a piece of software that requires it. (And no, the online "Microsoft Passport Network" does not require it.) |
|
