The parts of the ecosystem that are in danger would be things specifically _not_ included in ECMA CLI. For example, Mono implements API's that Microsoft includes in .NET but not in any of the ECMA specs and not covered by the Community Promise. This is because software written to run in the .NET Framework generally uses these unprotected API's and one of the goals of the Mono project is to run .NET apps with as little hassle as possible. So, they implemented these API's for better or worse.
Using the ECMA CLI does not include implementation of unprotected (by RAND terms and Community Promise) Microsoft API's. This constant threat doesn't really apply. No, Microsoft could not pull the plug on this.
"Microsoft has shot the .NET ecosystem in the foot because of the constant threat of patent infringement that they have cast on the ecosystem."
http://webcache.googleusercontent.com/search?q=cache:O6bmbLp...