I thought the security was supposed to be inherent in the OS, and couldn't be compromised by an application.
I don’t think .net is an app. More like some layer of java like stuff that links to NSA.
Part of that inherent security is the closed ecosystem of applications and the limited development interfaces. Opening up the system to a platform that comes from a company which counts vulnerabilities in the tens of thousands doesn’t seem like a very good idea to me.