Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
Applications that bypass globally serviced side-by-side assemblies may be vulnerable to issues that are fixed by a Microsoft software update
Article ID: 835322 - View products that this article applies to.
On Microsoft Windows Server 2003-based computers, administrators can bypass any globally updated side-by-side assemblies for a specific application. On Microsoft Windows XP-based computers, software developers and administrators can bypass any globally updated side-by-side assemblies for a specific application. However, this bypass feature may make your application vulnerable to issues that would otherwise be fixed by installing a global Microsoft software update. Therefore, we strongly recommend that software developers and administrators do not use this feature.
We do not recommend that you use side-by-side assemblies that are mixed with the DLL/COM redirection on Windows technique. See the "More Information" section for details.
A side-by-side assembly contains a collection of resources that may include one or more DLL files, windows classes, COM servers, type libraries, or interfaces. These resources are always provided together to applications. A side-by-side assembly is selected by an XML application manifest that may exist in any one of the following locations:
Additionally, an administrator for Windows Server 2003, or an administrator or software developer for Windows XP, can bypass, or "opt-out" of, any globally updated side-by-side assemblies for a specific application, instead of removing the globally updated assembly for all applications. To do this, an administrator can update the application configuration file to include a <publisherPolicy apply="no"/> element.
To determine whether an application configuration file is being used to bypass any globally updated side-by-side assemblies for a specific application on a Windows XP-based computer, look for the <publisherPolicy apply="no"/> element in a .config file with the same file name as the application executable. For example, look for the <publisherPolicy apply="no"/> element in the Application.exe.config file to determine whether globally updated side-by-side assemblies are being bypassed for an application that uses Application.exe as its executable file. This Application.exe.config file is installed in the same location as the application's application manifest.
This feature lets software developers and administrators selectively disable a Microsoft software update for a specific application that does not work correctly when the software update is installed. (Therefore, software developers or administrators do not have to remove the software update for all applications.) However, if an application includes such a bypass, the application may be vulnerable to any issues that are fixed by the software update.
Note This bypass requires an entry in the Microsoft Application Compatibility database on Windows Server 2003-based computers. This setting can be added only by administrators or by Microsoft in a software update.
There are additional methods that the application author, or someone with control of the application directory, can bypass the global update.
Caution on using the DLL/COM redirection on Windows technique
This technique typically calls for a .local file to be deployed with the application. This requirement helps reduce application compatibility issues.
Note The .local file makes the system prefer the copy of the DLL in the application folder instead of the global copy, which may be a valuable service update. We recommend that software developers and administrators use this feature with caution, or not at all, when the application is using a side-by-side assembly.
For more information about the DLL/COM Redirection on Windows technique, visit the following Microsoft Web site:
Recommended practices for software developers who use side-by-side assemblies
For more information about isolated applications and side-by-side assemblies, visit the following Microsoft Web site:
http://msdn2.microsoft.com/en-us/library/aa375193.aspxFor additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates
Article ID: 835322 - Last Review: December 1, 2007 - Revision: 4.4