Description of the Security Only update for .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1 for Windows 7 SP1 and Server 2008 R2 SP1, and for .NET Framework 4.6 for Server 2008 (KB 4096237)

Quality and reliability improvements

CLR1

  • Fixed a floating-point overflow in the thread pool’s hill climbing algorithm.

  • When you observe high CPU usage by ntoskrnl!KiPageFault that originates from BGC (as indicated by the clr!*gc_heap::bgc_thread_function), you might want this change so that the GC no longer uses the OS-implemented GetWriteWatch function to track BGC heap modifications. That process is very expensive because each of these page faults must take a process-wide lock. This is especially noticeable in the recent versions of the OS. You are probably seeing that most of the CPU is spent in the ntoskrnl!ExpWaitForSpinLockExclusiveAndAcquire function. This fix makes GC use CLR’s own implementation of the GetWriteWatch function instead.

1 Common Language Runtime (CLR)

Additional information about this security update

For more information about this security update as it relates to Windows 7 SP1 and Windows Server 2008 R2 SP1, see the following article in the Microsoft Knowledge Base:

4099637 Security Only update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1 updates for Windows 7 SP1 and Server 2008 R2 SP1 (KB 4099637)

For more information about this security update as it relates to Windows Server 2008 SP2, see the following article in the Microsoft Knowledge Base:

4099640 Security Only update for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2 and 4.6 updates for Windows Server 2008 SP2 (KB 4099640)

How to obtain and install the update

Method 1: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog.

  • For Windows 7 SP1 and Windows Server 2008 R2 SP1, install update KB 4099637.

  • For Windows Server 2008 SP2, install update KB 4099640.

Method 2: Windows Software Update Services (WSUS)

On your WSUS server, follow these steps:

  1. Click Start, click Administrative Tools, and then click Microsoft Windows Server Update Services 3.0.

  2. Expand ComputerName, and then click Action.

  3. Click Import Updates.

  4. WSUS opens a browser window in which you may be prompted to install an ActiveX control. You must install the ActiveX control to continue.

  5. After the control is installed, you see the Microsoft Update Catalog screen. Enter 4099637 into the Search box, and then click Search.

  6. Locate the .NET Framework packages that match the operating systems, languages, and processors in your environment. Click Add to add them to your basket.

  7. After you select all the packages that you need, click View Basket.

  8. To import the packages to your WSUS server, click Import.

  9. After the packages are imported, click Close to return to WSUS.

The updates are now available for installation through WSUS.

Update deployment information

For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:

20180508 Security update deployment information: May 8, 2018

Update removal information

Note We do not recommend that you remove any security update. To remove this update, use the Programs and Features item in Control Panel.

Update restart information

This update does not require a system restart after you apply it unless files that are being updated are locked or are being used.

Update replacement information

This update does not replace any previously released update.

File information

File hash information

File name

SHA1 hash

SHA256 hash

NDP47-KB4096237-x86.exe

24E0D990C42CDBEC83D7EF595CB82AAFD771BEE1

26E1DE78AC6C722D6DE9CA1BC71DDA32A511577C6CBA11F9DCFB84D3D6CBD2EF

NDP47-KB4096237-x64.exe

82CC4F1587E4B87A57C96028F9BE4FE9AEB02D82

D31281763E0BA49B034E50166B9742F555F774AA567C2AACA225846AD20890A9

Windows 7 and Windows Server 2008 R2 file information

For all supported x64-based versions

File name

File version

File size

Date

Time

clr.dll

4.7.2650.0

10,361,472

27-Mar-2018

20:54

clr.dll

4.7.2650.0

7,240,320

27-Mar-2018

20:39

clrjit.dll

4.7.2650.0

1,208,456

27-Mar-2018

20:54

clrjit.dll

4.7.2650.0

522,888

27-Mar-2018

20:39

compatjit.dll

4.7.2650.0

1,259,664

27-Mar-2018

20:54

mscordacwks.dll

4.7.2650.0

1,838,240

27-Mar-2018

20:54

mscordacwks.dll

4.7.2650.0

1,341,088

27-Mar-2018

20:39

mscordbi.dll

4.7.2650.0

1,621,136

27-Mar-2018

20:54

mscordbi.dll

4.7.2650.0

1,167,504

27-Mar-2018

20:39

mscorlib.dll

4.7.2650.0

5,413,520

27-Mar-2018

20:54

mscorlib.dll

4.7.2650.0

5,631,624

27-Mar-2018

20:39

msvcp120_clr0400.dll

12.0.52519.0

690,008

27-Mar-2018

20:54

msvcp120_clr0400.dll

12.0.52519.0

485,576

27-Mar-2018

20:40

msvcr120_clr0400.dll

12.0.52519.0

993,632

27-Mar-2018

20:54

msvcr120_clr0400.dll

12.0.52519.0

987,840

27-Mar-2018

20:40

peverify.dll

4.7.2650.0

260,240

27-Mar-2018

20:54

peverify.dll

4.7.2650.0

188,560

27-Mar-2018

20:40

SOS.dll

4.7.2650.0

872,056

27-Mar-2018

20:54

SOS.dll

4.7.2650.0

743,544

27-Mar-2018

20:39

System.Security.dll

4.7.2650.0

324,696

27-Mar-2018

20:40

For all supported x86-based versions

File name

File version

File size

Date

Time

clr.dll

4.7.2650.0

7,240,320

27-Mar-2018

20:39

clrjit.dll

4.7.2650.0

522,888

27-Mar-2018

20:39

mscordacwks.dll

4.7.2650.0

1,341,088

27-Mar-2018

20:39

mscordbi.dll

4.7.2650.0

1,167,504

27-Mar-2018

20:39

mscorlib.dll

4.7.2650.0

5,631,624

27-Mar-2018

20:39

msvcp120_clr0400.dll

12.0.52519.0

485,576

27-Mar-2018

20:40

msvcr120_clr0400.dll

12.0.52519.0

987,840

27-Mar-2018

20:40

peverify.dll

4.7.2650.0

188,560

27-Mar-2018

20:40

SOS.dll

4.7.2650.0

743,544

27-Mar-2018

20:39

System.Security.dll

4.7.2650.0

324,696

27-Mar-2018

20:40

How to obtain help and support for this security update

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×