Do you need to set both the Response.Status and Response.StatusCode in .NET?

As Guffa states in his answer, only set the description if you do not want to use the W3C-defined defaults.

Setting it does not have a visible effect in most cases, to most users. The description is usually just ignored, and only for 4xx and 5xx error codes ever shown by a user agent, in case there is no body given either with the response. It does appear in logs and developer consoles in browsers, so it's not like it's completely hidden.

It's sometimes a good idea to make errors more verbose. For example, the default text for 403 is Forbidden, but it's fine to set it to 403 Invalid user domain if that is the case - it might make debugging easier some day, or help the support department. Especially for generic errors like 500 it may often be better to give a tad more information, though not enough to be a security risk. Also, if you have extra information about a problem it should be explained in full in the body, not the HTTP status description.

Finally, to answer the last question - if you send a 403 OK response, nothing will burn down, nothing will explode, and no browsers will crash. You might only hopelessly confuse a user that sees the message, which is just a silly thing to do, much like throwing a SQLException on purpose when you have a disk space problem. The browser only looks at the 403 and handle it, but the user will not be a thankful customer.