Tim’s post has the details here. For me, the points to take particular notice of are;
- Signed XAPs
- Networking sandbox is now relaxed for TCP/UDP applications when running trusted out of browser. I need to check up on whether any security policy is needed at all here and, further, whether there are changes to the way in which that policy is served.
- Silent installations