Microsoft KB Archive/836989

= FIX: A user receives a &quot;security exception&quot; error message while running user code that is based on the .NET Framework 1.1 in a partial trust environment =

Article ID: 836989

Article Last Modified on 4/7/2006

-

APPLIES TO


 * Microsoft .NET Framework 1.1

-





SYMPTOMS
If a user runs user code that is based on the Microsoft .NET Framework version 1.1 in a partial trust environment, a security exception error may occur. For example, when a Microsoft Windows Forms control is running in Microsoft Internet Explorer, the user may receive the following error message:

Security Exception Error Message:

An unhandled exception of type 'System.Security.SecurityException' occurred in mscorlib.dll.

Additional information: Request for the permission of type System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 failed.&quot;

Another symptom of this problem is a timeout error that may occur if a partially trusted client makes Web requests to a Web service. For more information about this symptom, see the &quot;More Information&quot; section.



CAUSE
When an asynchronous (async) call is pending on a connected socket, the async call can either succeed or fail. In either case, the I/O completion port call back tries to query the socket to obtain the success code or the failure code.

If the async call fails, the user experiences this problem because the code path incorrectly demands the unmanaged code permission. If the user is running the user code in a partial trust environment, and the code path incorrectly demands the unmanaged code permission, a security exception error occurs and the I/O completion port call back may not be invoked.



RESOLUTION
To resolve this problem, obtain the latest service pack for the Microsoft .NET Framework 1.1. To obtain the latest service pack, visit the following Microsoft Web site:

Microsoft .NET Framework 1.1 Service Pack 1

http://www.microsoft.com/downloads/details.aspx?familyid=A8F5654F-088E-40B2-BBDB-A83353618B38



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.



Timeout error
If a partially trusted client makes Web requests to a Web service, and the network connection is lost, the next Web request returns a timeout error after a 60-second delay. During this delay, the client application may appear to stop responding.

After you apply this hotfix, an &quot;underlying connection was closed&quot; error will occur immediately if the connection is lost.

Note If the connection is a virtual private network (VPN) connection, a 20-second delay will still occur before the &quot;underlying connection was closed&quot; error is raised. This behavior is typical for TCP/IP because attempts are made to send SYN packets at 2-second, 6-second, and 12-second intervals before the error is raised.



For additional information about the terminology that is used to describe Microsoft product updates, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Keywords: kbbug kbfix kbqfe kbnetframe110presp1fix kbhotfixserver KB836989

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.