Today we pushed .NET 1.0 SP3 and .NET 1.1 SP1 onto Windows Update as a Critical Update.  You can also download the service packs from the MSDN download center.  Here's a brief review of what's new for security in each service pack:

.NET 1.0 SP3 (v1.0.3705.6018) [download | complete changelist]

• 323683: NTLM authentication is lost on every call
• 321562: FIX: Role-based authentication fails for users who belong to many groups

and these security related fixes that weren't from the CLR security team:

• 324488: Forms authentication and view state fail intermittently under heavy load
• 327132: FIX: PassportIdentity does not require secure PIN when security-enhanced authentication is requested
• 327523: Users can open Web pages without the correct NTFS permissions

.NET 1.1 SP1 (v1.1.4322.2032) [download | Windows 2003 download | complete changelist]

• 836989: FIX: A user receives a "security exception" error message while running user code that is based on the .NET Framework 1.1 in a partial trust environment
• 828295: FIX: Error Message: Security Exception: PermissionToken Index Does Not Match Index into m_unrestrictedPermSet
• 839289: FIX: The GC heap becomes corrupted when you use the .NET Framework System.Security.Cryptography.RSACryptoServiceProvider class