Security and Quality Rollup for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB4569773)

Applies to: .NET Framework

Summary


Security improvements

An elevation of privilege vulnerability exists when ASP.NET or .NET Framework web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an attacker would need to send a specially crafted request to an affected server. The update addresses the vulnerability by changing how ASP.NET and .NET Framework handle requests.

To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).

 

Quality and reliability improvements

CLR¹

- Addresses rare crashes that could occur during thread abort delivery.

ASP.NET

- Uses FIPS-compliant hashes in ASP.NET telemetry data.

- Addresses an issue where "Unspecified" was not an allowed value in config for the 'cookieSameSite' attribute of the forms authentication and session state configuration sections.

- Addresses an issue where first requests to a cold site sometimes return a server configuration error from System.Web.DirectoryMonitor.AddFileMonitor().

WPF²

- Addresses an issue where TextBlock reflows (makes different line-breaking decisions) during render and hit-test, vs. during measure. The symptoms include missing text, and FailFast crashes during programmatic text processing.

- Addresses a render thread failure caused by HostVisual disconnecting its target on the wrong thread.

- Addresses a hang while scrolling a TreeView whose tree is non-uniform, in the sense that a given node's children govern subtrees whose sizes are quite different.

- DataGrid's Copy command throws an exception if the system clipboard is locked by another process. This crashes the app, as there is usually no app code on the stack to catch the exception. The behavior of TextBox (and other apps like Notepad, Word, browsers) in this situation is to fail silently: nothing is copied to the clipboard, but no exception is thrown. A WPF app can now opt in to this behavior by setting the following in the app.config file:

<appSettings>
    <add key="ShouldThrowOnDataGridCopyOrCutFailure" value="false"/>
</appSettings>

- Addresses the way non-animated text with TextRenderingMode="ClearType" and TextFormattingMode="Ideal" is drawn. It now uses a symmetric anti-aliasing algorithm, which produces better visual results for text with fine strokes (common in Far East languages, Arabic, Hebrew, and fonts designed specifically for symmetric anti-aliasing).

- Addresses a crash that can occur when closing a tooltip that is re-entrantly closed by user code.

- Addresses a memory leak in System.Speech.SpeechSynthesizer.

- Addresses issues in constructing the internal model for a FixedPage document. Some text was appearing in the wrong order for the purposes of editing operations such as selection and copy/paste.

Net Libraries

- Addresses a memory leak in HttpListener.


¹ Common Language Runtime (CLR)
² Windows Presentation Foundation (WPF)

Important

  • All updates for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, and 4.7.2 require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see KB 4019990.
  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

Known issues in this update


Windows Presentation Foundation (WPF) applications that use two or more HostVisual elements belonging to a common thread, where both HostVisual elements are asked to disconnect from their visual target at roughly the same time, may fail with the following error:

Exception type:  System.COMException
Message:  UCEERR_RENDERTHREADFAILURE (HRESULT 0x88980406)
Callstack:  top frame is System.Windows.Media.Composition.DUCE+Channel.SyncFlush()

Workarounds

You can disable the problematic fix by setting the AppContext switch “Switch.System.Windows.Media.HostVisual.DisconnectsOnWrongThread” to true, using one of the methods described here.  This exposes your app to the original bug, so you should remove the switch once a fix is published through an upcoming update.

Workaround 1


•    Add the following entry to the app.config file to disable the problematic fix in a single application.


<runtime>
    <AppContextSwitchOverrides value="Switch.System.Windows.Media.HostVisual.DisconnectsOnWrongThread=true"/>
</runtime>

Note that if your application configuration already has an entry for <AppContextSwitchOverrides>, you need to add the new setting within that entry, separated from other switches by a semicolon:

   <AppContextSwitchOverrides value="Switch.SomeOtherSwitch=true; Switch.System.Windows.Media.HostVisual.DisconnectsOnWrongThread=true"/>

Workaround 2


•    Apply the following registry subkey to disable the problematic fix for all WPF applications on the machine.

Warning: Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft can't guarantee that these problems can be solved. Modify the registry at your own risk.


Location: HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\AppContext\
Name: Switch.System.Windows.Media.HostVisual.DisconnectsOnWrongThread
Type: String
Value: true

Note that on 64-bit operating systems, you also need to apply a registry subkey with the same name, type, and value at the location:   HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\AppContext\
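
Because the workaround re-exposes the original bug and is meant to be removed once a fix ships, it is useful to know where it is currently applied. The following PowerShell script is an added example, not part of the original Microsoft article: it reports the switch in both registry views and in per-application config files. The C:\Apps root and the function names are assumptions made for illustration.

```powershell
# Added example: find where the HostVisual workaround switch is still set.
# Switch name as given in the workaround text above.
$Switch = 'Switch.System.Windows.Media.HostVisual.DisconnectsOnWrongThread'

# Workaround 2: machine-wide registry value, native and 32-bit (Wow6432Node) views.
$RegistryPaths = @(
    'HKLM:\Software\Microsoft\.NETFramework\AppContext',
    'HKLM:\Software\Wow6432Node\Microsoft\.NETFramework\AppContext'
)

function Get-RegistryWorkaround {
    foreach ($path in $RegistryPaths) {
        $value = $null
        if (Test-Path -LiteralPath $path) {
            $item = Get-ItemProperty -LiteralPath $path -Name $Switch -ErrorAction SilentlyContinue
            if ($item) { $value = $item.$Switch }
        }
        [pscustomobject]@{ Source = $path; Value = $value; Active = ($value -eq 'true') }
    }
}

# Workaround 1: per-application <AppContextSwitchOverrides> in *.exe.config files.
function Get-ConfigWorkaround {
    param([Parameter(Mandatory)][string]$Root)   # assumed application install root

    Get-ChildItem -LiteralPath $Root -Recurse -Filter '*.exe.config' -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            # Skip config files that are not well-formed XML.
            try { $xml = [xml](Get-Content -LiteralPath $file.FullName -Raw) } catch { return }
            foreach ($node in $xml.SelectNodes('/configuration/runtime/AppContextSwitchOverrides')) {
                # The attribute holds a semicolon-separated list of Name=Value pairs.
                foreach ($pair in ($node.GetAttribute('value') -split ';')) {
                    $name, $val = $pair.Trim() -split '=', 2
                    if ($name -and $name.Trim() -eq $Switch) {
                        $val = "$val".Trim()
                        [pscustomobject]@{ Source = $file.FullName; Value = $val; Active = ($val -eq 'true') }
                    }
                }
            }
        }
}

Get-RegistryWorkaround
Get-ConfigWorkaround -Root 'C:\Apps'   # hypothetical path; point at your WPF application folders
```

Any row with Active set to True marks a place where the fix is disabled and the switch should be removed once the resolving update is installed.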

Resolution

We are working on a resolution and will provide an update in an upcoming release.
 

 

Additional information about this update


The following articles contain additional information about this update as it relates to individual product versions.
  • 4570507 Description of the Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4570507)

How to obtain and install the update


Before installing this update

Prerequisite:

To apply this update, you must have .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 installed.

Install this update

Release Channel | Available | Next Step
Windows Update and Microsoft Update | Yes | None. This update will be downloaded and installed automatically from Windows Update.
Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) | Yes | This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Windows Server 2012; Classification: Security Updates

Restart requirement

You must restart the computer after you apply this update if any affected files are being used. We recommend that you exit all .NET Framework-based applications before you apply this update.

Update deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

20200811 Security update deployment information: August 11, 2020

Update removal information

Note: We do not recommend that you remove any security update. To remove this update, use the Programs and Features item in Control Panel.

Update restart information

This update does not require a system restart after you apply it unless files that are being updated are locked or are being used.

Update replacement information

This update replaces the previously released update 4566518.

File information



The English (United States) version of this software update installs files that have the attributes that are listed in the following tables.

Windows Server 2012 file information
