April 12, 2022-KB5012123 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2
Applies To
.NETRelease Date:April 12, 2022
Version: .NET Framework 3.5 and 4.8
Summary
Security Improvements
This security update addresses an issue where an unauthenticated attacker could cause a denial of service on an affected system. For more information please see CVE-2022-26832.
Quality and reliability improvements
|
Winforms |
- Addresses a leak of IRawElementProviderSimple objects which was introduced in .NET Framework 4.8. This is an opt-in fix, add the following compatibility switch to the app.config file in order to dispose the accessible objects: <runtime> <!-- AppContextSwitchOverrides values are in the form of 'key1=true|false;key2=true|false --> <AppContextSwitchOverrides value="Switch.System.Windows.Forms.DisconnectUiaProvidersOnWmDestroy=true"/> </runtime> Note: that when the accessibility server application opts into this fix, the accessibility client will receive errors when accessing the disconnected provider. This is expected because the corresponding control window is destroyed. Previous behavior where the provider was returning information for destroyed controls was incorrect. |
|
NET Libraries |
- Addresses an issue when Ssl negotiation can hang indefinitely when client certificates are used when TLS 1.3 is negotiated. Before the change renegotiation (PostHandshakeAuthentiction) would fail and SslStream or HttpWebRequest would observe a timeout. |
Known issues in this update
Microsoft is not currently aware of any issues in this update.
How to get this update
Install this update
|
Release Channel |
Available |
Next Step |
|
Windows Update and Microsoft Update |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
|
Windows Update for Business |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
|
Microsoft Update Catalog |
Yes |
To get the standalone package for this update, go to the Microsoft Update Catalog website. |
|
Windows Server Update Services (WSUS) |
Yes |
This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Microsoft server operating system version 21H2 Classification: Security Updates |
File information
For a list of the files that are provided in this update, download the file information for cumulative update.
Information about protection and security
-
Protect yourself online: Windows Security support
-
Learn how we guard against cyber threats: Microsoft Security
Need more help?
Want more options?
Explore subscription benefits, browse training courses, learn how to secure your device, and more.
Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.
