[英]Is .NET Framework 4 Client profile secure?
This question talks about companies who only support .NET Framework 4 Client profile due to security reasons. 此问题讨论的是出于安全原因仅支持 .NET Framework 4 客户端配置文件的公司。 But does only allowing use of .NET Framework Client profile increase security?
但是只允许使用 .NET Framework Client 配置文件会增加安全性吗? This answers talks about that being main case for Client profile.
这个答案谈到这是客户资料的主要案例。 But that was 8 years ago.
但那是 8 年前的事了。
I can see two reasons why using .NET Framework 4 Client profile is not as secure as it might seem:我可以看到为什么使用 .NET Framework 4 客户端配置文件并不像看起来那么安全的两个原因:
Is my reasoning above valid?我上面的推理有效吗? Are there any other reasons why using only .NET Framework 4 Client profile might be more secure than running full and new .NET?
是否有任何其他原因说明仅使用 .NET Framework 4 客户端配置文件可能比运行完整的和新的 .NET 更安全?
To reiterate what was talked about in the linked question :重申 链接问题中讨论的内容:
...merely the fact that security updates stopped being issued Jan 2016 should be enough to light a fire under the security conscious.
...仅在 2016 年 1 月停止发布安全更新这一事实就足以点燃安全意识下的火灾。
https://blogs.msdn.microsoft.com/dotnet/2015/12/09/support-ending-for-the-net-framework-4-4-5-and-4-5-1/
https://blogs.msdn.microsoft.com/dotnet/2015/12/09/support-ending-for-the-net-framework-4-4-5-and-4-5-1/
I don't see how any software that hasn't been patched because it hasn't been officially supported in over 2 years could be considered secure.我看不出任何因为2 年多没有得到官方支持而没有打补丁的软件可以被认为是安全的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.