{
	"id": "87647ce1-ccf9-4862-943e-fca6b3b98973",
	"created_at": "2026-04-06T00:08:17.169221Z",
	"updated_at": "2026-04-10T03:21:57.903251Z",
	"deleted_at": null,
	"sha1_hash": "e9c6a3bf89e2439581b78c38be5e00a674f4043c",
	"title": "ClickOnce Deployment and Security - Visual Studio (Windows)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 67767,
	"plain_text": "ClickOnce Deployment and Security - Visual Studio (Windows)\r\nBy Mikejo5000\r\nArchived: 2026-04-05 20:24:44 UTC\r\nClickOnce is a deployment technology that enables you to create self-updating Windows-based applications that\r\ncan be installed and run with minimal user interaction. Visual Studio provides full support for publishing and\r\nupdating applications deployed with ClickOnce technology if you have developed your projects with Visual Basic\r\nand Visual C#. For information about deploying Visual C++ applications, see ClickOnce Deployment for Visual\r\nC++ Applications.\r\nClickOnce deployment overcomes three major issues in deployment:\r\nDifficulties in updating applications. With Microsoft Windows Installer deployment, whenever an\r\napplication is updated, the user can install an update, an msp file, and apply it to the installed product; with\r\nClickOnce deployment, you can provide updates automatically. Only those parts of the application that\r\nhave changed are downloaded, and then the full, updated application is reinstalled from a new side-by-side\r\nfolder.\r\nImpact to the user's computer. With Windows Installer deployment, applications often rely on shared\r\ncomponents, with the potential for versioning conflicts; with ClickOnce deployment, each application is\r\nself-contained and can't interfere with other applications.\r\nSecurity permissions. Windows Installer deployment requires administrative permissions and allows only\r\nlimited user installation; ClickOnce deployment enables non-administrative users to install and grants only\r\nthose Code Access Security permissions necessary for the application.\r\nIn the past, these issues sometimes caused developers to decide to create Web applications instead of\r\nWindows-based applications, sacrificing a rich user interface for ease of installation. 
By using applications\r\ndeployed using ClickOnce, you can have the best of both technologies.\r\nWhat is a ClickOnce application?\r\nA ClickOnce application is any Windows Presentation Foundation (.xbap), Windows Forms (.exe), console\r\napplication (.exe), or Office solution (.dll) published using ClickOnce technology. You can publish a ClickOnce\r\napplication in three different ways: from a Web page, from a network file share, or from legacy media such as a\r\nCD-ROM. A ClickOnce application can be installed on an end user's computer and run locally even when the\r\ncomputer is offline, or it can be run in an online-only mode without permanently installing anything on the end\r\nuser's computer. For more information, see Choose a ClickOnce deployment strategy.\r\nClickOnce applications can be self-updating; they can check for newer versions as they become available and\r\nautomatically replace any updated files. The developer can specify the update behavior; a network administrator\r\ncan also control update strategies, for example, marking an update as mandatory. Updates can also be rolled back\r\nhttps://learn.microsoft.com/en-us/visualstudio/deployment/clickonce-security-and-deployment?view=vs-2022\r\nPage 1 of 5\n\nto an earlier version by the end user or by an administrator. For more information, see Choose a ClickOnce update\r\nstrategy.\r\nBecause ClickOnce applications are isolated, installing or running a ClickOnce application can't break existing\r\napplications. ClickOnce applications are self-contained; each ClickOnce application is installed to and run from a\r\nsecure per-user, per-application cache. ClickOnce applications run in the Internet or Intranet security zones. If\r\nnecessary, the application can request elevated security permissions. 
For more information, see Secure ClickOnce\r\napplications.\r\nHow ClickOnce security works\r\nThe core ClickOnce security is based on certificates, code access security policies, and the ClickOnce trust\r\nprompt.\r\nCertificates\r\nAuthenticode certificates are used to verify the authenticity of the application's publisher. By using Authenticode\r\nfor application deployment, ClickOnce helps prevent a harmful program from portraying itself as a legitimate\r\nprogram coming from an established, trustworthy source. Optionally, certificates can also be used to sign the\r\napplication and deployment manifests to prove that the files haven't been tampered with. For more information,\r\nsee ClickOnce and Authenticode. Certificates can also be used to configure client computers to have a list of\r\ntrusted publishers. If an application comes from a trusted publisher, it can be installed without any user\r\ninteraction. For more information, see Trusted application deployment overview.\r\nCode access security\r\nCode access security helps limit the access that code has to protected resources. In most cases, you can choose the\r\nInternet or Local Intranet zones to limit the permissions. Use the Security page in the Project Designer to request\r\nthe zone appropriate for the application. You can also debug applications with restricted permissions to emulate\r\nthe end-user experience. For more information, see Code access security for ClickOnce applications.\r\nNote\r\nIn ClickOnce for .NET Core and .NET 5 or later, Code Access Security is unsupported. In .NET Framework, the\r\nuse of Code Access Security is not a best practice and is not recommended.\r\nClickOnce trust prompt\r\nIf the application requests more permissions than the zone allows, the end user can be prompted to make a trust\r\ndecision. 
The end user can decide if ClickOnce applications such as Windows Forms applications, Windows\r\nPresentation Foundation applications, console applications, XAML browser applications, and Office solutions are\r\ntrusted to run. For more information, see How to: Configure the ClickOnce trust prompt behavior.\r\nHow ClickOnce deployment works\r\nThe core ClickOnce deployment architecture is based on two XML manifest files: an application manifest and a\r\ndeployment manifest. The files are used to describe where the ClickOnce applications are installed from, how\r\nthey're updated, and when they're updated.\r\nPublish ClickOnce applications\r\nThe application manifest describes the application itself. This includes the assemblies, the dependencies and files\r\nthat make up the application, the required permissions, and the location where updates will be available. The\r\napplication developer authors the application manifest by using the Publish Wizard in Visual Studio (Publish tool\r\nfor .NET Core and .NET 5+) or the Manifest Generation and Editing Tool (Mage.exe) in the Windows Software\r\nDevelopment Kit (SDK). For more information, see:\r\nDeploy a .NET desktop application using ClickOnce\r\nDeploy a .NET Framework desktop application using ClickOnce.\r\nThe deployment manifest describes how the application is deployed. This includes the location of the application\r\nmanifest, and the version of the application that clients should run.\r\nNote\r\nIn ClickOnce for .NET Core 3.1 and .NET 5 or later, use dotnet-mage.exe instead of Mage.exe. For more\r\ninformation, see ClickOnce for .NET.\r\nDeploy ClickOnce applications\r\nAfter it's created, the deployment manifest is copied to the deployment location. This can be a Web server,\r\nnetwork file share, or legacy media such as a CD. 
The application manifest and all the application files are also\r\ncopied to a deployment location that is specified in the deployment manifest. This can be the same as the\r\ndeployment location, or it can be a different location. When using the Publish Wizard in Visual Studio, the copy\r\noperations are performed automatically.\r\nInstall ClickOnce applications\r\nAfter it's deployed to the deployment location, end users can download and install the application by clicking an\r\nicon representing the deployment manifest file on a Web page or in a folder. In most cases, the end user is\r\npresented with a simple dialog box asking the user to confirm installation, after which installation proceeds and\r\nthe application is started without additional intervention. In cases where the application requires elevated\r\npermissions or if the application isn't signed by a trusted certificate, the dialog box also asks the user to grant\r\npermission before the installation can continue. Though ClickOnce installs are per-user, permission elevation may\r\nbe required if there are prerequisites that require administrator privileges. For more information about elevated\r\npermissions, see Securing ClickOnce applications.\r\nCertificates can be trusted at the machine or enterprise level, so that ClickOnce applications signed with a trusted\r\ncertificate can install silently. For more information about trusted certificates, see Trusted application deployment\r\noverview.\r\nThe application can be added to the user's Start menu and to the Add or Remove Programs group in the Control\r\nPanel. 
Unlike other deployment technologies, nothing is added to the Program Files folder or the registry, and no\r\nadministrative rights are required for installation.\r\nNote\r\nIt's also possible to prevent the application from being added to the Start menu and Add or Remove Programs\r\ngroup, in effect making it behave like a Web application. For more information, see Choose a ClickOnce\r\ndeployment strategy.\r\nUpdate ClickOnce applications\r\nWhen the application developers create an updated version of the application, they generate a new application\r\nmanifest and copy files to a deployment location—usually a sibling folder to the original application deployment\r\nfolder. The administrator updates the deployment manifest to point to the location of the new version of the\r\napplication.\r\nNote\r\nThe Publish Wizard in Visual Studio can be used to perform these steps. For .NET Core and .NET 5+, the\r\nPublish tool provides these steps.\r\nIn addition to the deployment location, the deployment manifest also contains an update location (a Web page or\r\nnetwork file share) where the application checks for updated versions. ClickOnce Publish properties are used to\r\nspecify when and how often the application should check for updates. Update behavior can be specified in the\r\ndeployment manifest, or it can be presented as user choices in the application's user interface by means of the\r\nClickOnce APIs. In addition, Publish properties can be employed to make updates mandatory or to roll back to an\r\nearlier version. For more information, see Choosing a ClickOnce update strategy.\r\nThird party installers\r\nYou can customize your ClickOnce installer to install third-party components along with your application. You\r\nmust have the redistributable package (.exe or .msi file) and describe the package with a language-neutral product\r\nmanifest and a language-specific package manifest. 
For more information, see Creating bootstrapper packages.\r\nThe following table shows the tools that you can use to generate, edit, sign, and re-sign the application and\r\ndeployment manifests. For .NET Core and .NET 5+, options similar to MSBuild attributes are set using the\r\nPublish profile.\r\nThe following table shows the .NET Framework version required to support ClickOnce applications in these\r\nbrowsers.\r\nBrowser .NET Framework version\r\nFirefox 2.0 SP1, 3.5 SP1, 4\r\nChrome 3.5\r\nMicrosoft Edge 3.5\r\nRelated content\r\nPublish ClickOnce applications\r\nSecure ClickOnce applications\r\nDeploy COM components with ClickOnce\r\nBuild ClickOnce applications from the command line\r\nDebug ClickOnce applications that use System.Deployment.Application\r\nClickOnce deployment on older versions of Windows\r\nSource: https://learn.microsoft.com/en-us/visualstudio/deployment/clickonce-security-and-deployment?view=vs-2022",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://learn.microsoft.com/en-us/visualstudio/deployment/clickonce-security-and-deployment?view=vs-2022"
	],
	"report_names": [
		"clickonce-security-and-deployment?view=vs-2022"
	],
	"threat_actors": [],
	"ts_created_at": 1775434097,
	"ts_updated_at": 1775791317,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e9c6a3bf89e2439581b78c38be5e00a674f4043c.pdf",
		"text": "https://archive.orkl.eu/e9c6a3bf89e2439581b78c38be5e00a674f4043c.txt",
		"img": "https://archive.orkl.eu/e9c6a3bf89e2439581b78c38be5e00a674f4043c.jpg"
	}
}