.NET 3.5安全问题
[英].NET 3.5 security question
问题描述
I have installed .net 3.5 on a windows 2003 system. 
我已经在Windows 2003系统上安装了.net 3.5。 I notice that in addition to the latest .net 3.5 level, previous levels of .net such as 1.0 and 2.0 are automatically installed also. 我注意到,除了最新的.net 3.5级别之外,还会自动安装以前的.net级别,例如1.0和2.0。 These older versions have security issues that I assume are corrected in .net 3.5. 这些较旧的版本存在一些安全问题,我认为在.net 3.5中已得到纠正。 Is this correct or do the relevant security patches for these older .net versions have to be installed also to harden the system ? 这是否正确,或者是否还必须安装这些较旧.net版本的相关安全补丁以加固系统? Thank you 谢谢
2 个解决方案
解决方案1
5 2009-01-05 14:37:22
The .Net 3.5 SP1 contains all rolled up security patches as of the date it was packaged for .Net 2.0, 3.0, and 3.5. .Net 3.5 SP1包含了为.Net 2.0、3.0和3.5打包之日起所有汇总的安全补丁。
.Net 3.5, like 3.0, is a superset of .Net 2.0. 与3.0一样,.Net 3.5是.Net 2.0的超集。 Meaning it is basically and add-on for .Net 2.0. 这意味着它基本上是.Net 2.0的附加组件。
解决方案2
0 2009-01-05 15:04:16
Unless the patches break your application, you should always install the latest security patches for all softwre installed on your system. 除非补丁破坏了您的应用程序,否则您应该始终为系统上安装的所有软件安装最新的安全补丁。 This should be part of a regular and, preferably, automated process. 这应该是常规流程(最好是自动化流程)的一部分。 Since .NET 3.5 is completely separate from .NET 1.x, you will need to address the .NET 1.x security patches as well as .NET 3.5 SP1 (and any later patches that may come along). 由于.NET 3.5与.NET 1.x完全分开,因此您将需要解决.NET 1.x安全修补程序以及.NET 3.5 SP1(以及可能附带的任何更高版本的修补程序)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.