May 14, 2024-KB5037591 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2. .NET. IMPORTANT. This update was originally released in the Security and Quality Rollup that’s dated April 23, 2024. This update is included in the Security and Quality Rollup that’s dated May 14, 2024.

Customers who attempt to pre-install updates to .NET Framework 3.5 to offline images that do not contain the .NET Framework 3.5 product enabled will expose these systems to failures to enable .NET Framework 3.5 after the systems are online.

IMPORTANT. This update is included in the Cumulative Update that's dated May 14, 2024. Parts of this update were previously released in the Cumulative Update that's dated April 23, 2024. Summary. This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2. Security Improvements.

CVE-2024-21409 - .NET Framework Remote Code Execution Vulnerability. This security update addresses a remote code execution vulnerability detailed in CVE-2024-21409. .NET Framework Defense in Depth Vulnerability. This security update addresses an issue where version of the OSS zlib library is out of date.

November 14, 2023-Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 7 Standard and Windows Server 2008 R2 SP1 (KB5032341) - Microsoft Support. .NET. Revised 11/15/23: to remove CVE details which were not affected by the .NET Framework November Security and Quality rollup. Applies to:

Summary. Security Improvements. CVE-2023-24897 - .NET Framework Remote Code Execution Vulnerability. This security update addresses a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remove code execution. For more information see CVE 2023-24897.

IMPORTANT All updates for .NET Framework 4.7.2, 4.7.1, 4.7, 4.6.2, 4.6.1, and 4.6 require that the d3dcompiler_47.dll update is installed. We recommend that you install the included d3dcompiler_47.dll update before you apply this update. For more information about the d3dcompiler_47.dll, see KB 4019990.

This article lists the Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 updates for Windows 7 SP1 and Windows Server 2008 R2 SP1. Important. All updates for .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 require the d3dcompiler_47.dll update to be installed.

April 9, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5037041) - Microsoft Support. .NET. Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2.

Summary. This update resolves a vulnerability in the Microsoft .NET Framework that could allow remote code execution when the .NET Framework fails to properly validate input before loading libraries. An attacker who successfully exploits this vulnerability could take control of an affected system.