Security Concerns for Internal Virtual and Overloads Overridable Friend Keywords
You should never base the security of your application on a member that is marked with the internal virtual modifier in C# (the Overloads Overridable Friend modifier in Visual Basic). Although members marked with these modifiers can only be overridden by other members within the current assembly, this rule is enforced only by the C# and Visual Basic languages. The runtime does not enforce this rule. It is therefore possible to override members marked as internal virtual in C# and Overloads Overridable Friend in Visual Basic using Microsoft Intermediate Language, or any other language that does not enforce this rule.