SYMPTOMS
Microsoft ASP.NET performance may be affected if an administrative user does not log on after you install security update MS05-004. This behavior occurs because the security update updates DLLs that have a native image. During installation, the native images are invalidated until an administrator logs onto the server.
Performance impact can be measured in more CPU usage when code is loaded at startup time. No significant performance degradation occurs at a steady state.
This performance impact only occurs after you apply this security update on computers that are running the Microsoft .NET Framework 1.0 Service Pack 2 (SP2) and the original released version of the .NET Framework 1.1.
Security update MS05-004 installs a new version of the following DLLs:
If the .NET Framework 1.1 is installed- System.dll
- System.xml.dll
If the .NET Framework 1.0 SP2 is installed- Mscorlib.dll
- System.dll
- System.xml.dll
To determine which major version of the .NET Framework you have installed, use the following method:
- If the %windir%\Microsoft.net\Framework\v1.0.3705 folder contains more than four files, the .NET Framework 1.0 is installed. The .NET Framework 1.0 is not installed if the folder only contains the following files:
- Installutil.exe.config
- Mscormmc.cfg
- Mscormmc.dll
- Regsvcs.exe.rtm.config
- If the %windir%\Microsoft.net\Framework\v1.1.4322 folder exists, the .NET Framework 1.1 is installed.
Note Both directories can exist.
Note To determine which service pack is installed, use the following method:
- If the version of the %windir%\Microsoft.net\Framework\v1.0.3705\Sscorwrks.dll file is earlier than 1.0.3705.6000, the .NET Framework 1.0 SP2 is installed.
- If the version of the %windir%\Microsoft.net\Framework\v1.1.4322\Sscorwrks.dll file is earlier than 1.1.4322.2000, the .NET Framework 1.1 is installed.
RESOLUTION
After you install this security update, native images are regenerated the first time that an administrative user logs on to the computer. As soon as the native images are regenerated, system performance is restored to original levels. This behavior occurs because code does not have to be just-in-time (JIT)-compiled when it is loaded.
You can also regenerate native images by using the Native Image Generator tool (Ngen.exe). To do this, use the following commands:
If the .NET Framework 1.1 is installedNGEN %windir%\Microsoft.Net\Framework\V1.1.4322\system.dll
NGEN %windir%\Microsoft.Net\Framework\V1.1.4322\system.Xml.dll
Note The Native Image Generator tool is located in the %windir%\Microsoft.Net\Framework\V1.1.4322
folder.
If the .NET Framework 1.0 SP2 is installedNGEN %windir%\Microsoft.Net\Framework\V1.0.3705\mscorlib.dll
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\system.dll
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\system.Xml.dll
Because a new version of the Mscorlib.dll file is installed, all native images that are on the computer are invalidated. Therefore, you must also regenerate the native images for the following DLLs:
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\custommarshalers.dll
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\system.Design.dll
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\system.Drawing.dll
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\system.Drawing.Design.dll
NGEN %windir%\Microsoft.Net\Framework\V1.0.3705\system.Windows.Forms.dll
Note The Native Image Generator tool is located in the %windir%\Microsoft.Net\Framework\V1.0.3705 folder.
REFERENCES
For additional information about the MS05-004 security update, click the following article number to view the article in the Microsoft Knowledge Base:
887219
MS05-004: ASP.NET path validation vulnerability could allow unauthorized access
For more information about the Native Image Generator tool (Ngen.exe), visit the following Microsoft Developers Network Web site: