April 12, 2022-KB5012117 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2
Applies To
.NETRelease Date:
April 12, 2022Version:
.NET Framework 3.5 and 4.8Summary
Security Improvements
This security update addresses an issue where an unauthenticated attacker could cause a denial of service on an affected system. For more information please see CVE-2022-26832.
Quality and reliability improvements
Winforms |
- Addresses a leak of IRawElementProviderSimple objects which was introduced in .NET Framework 4.8. This is an opt-in fix, add the following compatibility switch to the app.config file in order to dispose the accessible objects: <runtime> <!-- AppContextSwitchOverrides values are in the form of 'key1=true|false;key2=true|false --> <AppContextSwitchOverrides value="Switch.System.Windows.Forms.DisconnectUiaProvidersOnWmDestroy=true"/> </runtime>Note: that when the accessibility server application opts into this fix, the accessibility client will receive errors when accessing the disconnected provider. This is expected because the corresponding control window is destroyed. Previous behavior where the provider was returning information for destroyed controls was incorrect. |
NET Libraries |
- Addresses an issue when Ssl negotiation can hang indefinitely when client certificates are used when TLS 1.3 is negotiated. Before the change renegotiation (PostHandshakeAuthentiction) would fail and SslStream or HttpWebRequest would observe a timeout. |
Known issues in this update
Microsoft is not currently aware of any issues in this update.
How to get this update
Install this update
Release Channel |
Available |
Next Step |
Windows Update and Microsoft Update |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
Windows Update for Business |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
Microsoft Update Catalog |
Yes |
To get the standalone package for this update, go to the Microsoft Update Catalog website. |
Windows Server Update Services (WSUS) |
Yes |
This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Windows 10, version 20H2, Windows Server, version 20H2, Windows 10 Version 21H1, and Windows 10 Version 21H2 Classification: Security Updates |
File information
For a list of the files that are provided in this update, download the file information for cumulative update.
Information about protection and security
-
Protect yourself online: Windows Security support
-
Learn how we guard against cyber threats: Microsoft Security