Trust must be established prior to enabling the loading of remote code in .Net 4.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-225233 | APPNET0065 | SV-225233r961608_rule | Medium |
| Description |
| STIG | Date |
| Microsoft DotNet Framework 4.0 Security Technical Implementation Guide | 2025-05-16 |
Details
| Check Text (C-26932r468014_chk) |
| Open Windows explorer and search for *.exe.config. Search each config file found for the "loadFromRemoteSources" element. If the loadFromRemoteSources element is enabled ("loadFromRemoteSources enabled = true"), and the remotely loaded application is not run in a sandboxed environment, or if OS based software controls, such as AppLocker or Software Security Policies, are not utilized, this is a finding. |
| Fix Text (F-26920r468015_fix) |
| .Net application code loaded from a remote source must be run in a controlled environment. A controlled environment consists of a sandbox, such as running in an Internet Explorer host environment or employing OS based software access controls, such as AppLocker or Software Security Policies, when application design permits. Obtain documented IAO approvals for all remotely loaded code. |