"The most widely publicized security issue in .NET was W32.Donut, a virus that took control of the excecutable before the .NET runtime had control. Since the vulnerability occurs before the .NET runtime takes control, we consider this a problem with the way the operating system transfers control to .NET, not with the .NET platform"
Isn't the whole point with a VM that the executable will never be directly exposed to system resources? Why doesn't the same thing happen to JVM? As far as I can see, this reveals that the .NET system is having issues controling it's applications, which to me is a major security flaw.
