.NET Security: Lessons Learned and Missed from Java
Worth reading ...
Many systems execute untrusted programs in virtual machines (VMs) to limit their access to system resources. Sun introduced the Java VM in 1995, primarily intended as a lightweight platform for execution of untrusted code inside web pages. More recently, Microsoft developed the .NET platform with similar goals. Both platforms share many design and implementation properties, but there are key differences between Java and .NET that have an impact on their security. This paper examines how .NET’s design avoids vulnerabilities and limitations discovered in Java and discusses lessons learned (and missed) from Java’s experience with security.

...

Java and .NET have similar security goals and mechanisms. .NET’s design benefited from past experience with Java. Examples of this cleaner design include the MSIL instruction set, code access security evidences, and the policy configuration. .NET has been able to shield the developer from some of the complexity through their new architecture.
For more ...
http://www.cs.virginia.edu/~evans/pubs/acsac-packaged.pdf
Suresh Behera