July 14, 2026-KB5101004 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 23H2

Applies To
.NET

Note

  • Release Date:
    July 14, 2026
  • Version:
    .NET Framework 3.5 and 4.8.1

The July 14, 2026 update for Windows 11, version 23H2 includes security and cumulative reliability improvements in .NET Framework 3.5 and 4.8.1. We recommend that you apply this update as part of your regular maintenance routines. Before you install this update, see the Prerequisites and Restart requirement sections.

Summary

Security Improvements

CVE-2026-47302 - .NET Framework Denial of Service vulnerability
              This security update addresses a denial of service vulnerability detailed in CVE-2026-47302.

CVE-2026-47304 - .NET Framework Security Feature Bypass vulnerability
              This security update addresses a security feature bypass vulnerability detailed in CVE-2026-47304.

CVE-2026-50304 - .NET Framework Denial of Service vulnerability
                This security update addresses a denial of service vulnerability detailed in CVE-2026-50304.

CVE-2026-50324 - .NET Framework Denial of Service vulnerability
                This security update addresses a denial of service vulnerability detailed in CVE-2026-50324.

CVE-2026-50355 - .NET Framework Denial of Service vulnerability
                This security update addresses a denial of service vulnerability detailed in CVE-2026-50355.

CVE-2026-50368 - .NET Framework Denial of Service vulnerability
                This security update addresses a denial of service vulnerability detailed in CVE-2026-50368.

CVE-2026-50411 - .NET Framework Denial of Service vulnerability
                This security update addresses a denial of service vulnerability detailed in CVE-2026-50411.

CVE-2026-50525 - .NET Framework Denial of Service vulnerability
              This security update addresses a denial of service vulnerability detailed in CVE-2026-50525.

CVE-2026-50527 - .NET Framework Denial of Service vulnerability
              This security update addresses a denial of service vulnerability detailed in CVE-2026-50527.

CVE-2026-50646 - .NET Framework Elevation of Privilege vulnerability
              This security update addresses an elevation of privilege vulnerability detailed in CVE-2026-50646.

CVE-2026-50647 - .NET Framework Denial of Service vulnerability
                This security update addresses a denial of service vulnerability detailed in CVE-2026-50647.

CVE-2026-50648 - .NET Framework Denial of Service vulnerability
              This security update addresses a denial of service vulnerability detailed in CVE-2026-50648.

CVE-2026-50649 - .NET Framework Remote Code Execution vulnerability
              This security update addresses a remote code execution vulnerability detailed in CVE-2026-50649.

CVE-2026-50650 - .NET Framework Elevation of Privilege vulnerability
              This security update addresses an elevation of privilege vulnerability detailed in CVE-2026-50650.

CVE-2026-50652 - .NET Framework Denial of Service vulnerability
              This security update addresses a denial of service vulnerability detailed in CVE-2026-50652.

CVE-2026-50653 - .NET Framework Denial of Service vulnerability
              This security update addresses a denial of service vulnerability detailed in CVE-2026-50653.

CVE-2026-50659 - .NET Framework Tampering vulnerability
              This security update addresses a tampering vulnerability detailed in CVE-2026-50659.

CVE-2026-56158 - .NET Framework Remote Code Execution vulnerability
              This security update addresses a remote code execution vulnerability detailed in CVE-2026-56158.

Quality and Reliability Improvements

.NET Libraries - Addresses an issue with synchronous HttpWebRequest connections where requests could hang in specific secure connection scenarios with certain server configurations.
.NET Runtime - Addresses an issue in the Visual Studio x86 native debugger where certain floating-point values could be reported incorrectly during step operations in mixed-code applications.

Known issues in this update

Microsoft is not currently aware of any issues in this update.

How to get this update

Install this update

Release Channel Available Next Step
Windows Update and Microsoft Update Yes None. This update will be downloaded and installed automatically from Windows Update.
Windows Update for Business Yes None. This update will be downloaded and installed automatically from Windows Update.
Microsoft Update Catalog Yes To get the standalone package for this update, go to the Microsoft Update Catalog website.
Windows Server Update Services (WSUS) Yes This update will automatically sync with WSUS if you configure as follows:
Product: Windows 11, version 23H2
Classification: Security Updates

File information

For a list of the files that are provided in this update, download the file information for cumulative update.

Prerequisites

To apply this update, you must have .NET Framework 3.5 or 4.8.1 installed.

Restart requirement

You must restart the computer after you apply this update if any affected files are being used. We recommend that you exit all .NET Framework-based applications before you apply this update.

How to obtain help and support for this update