Note
- Release Date:
February 9, 2021 - Version:
.NET Framework 4.8
Summary
Security Improvements
This security update addresses a denial of service vulnerability in .NET Framework. For more information please see CVE-2021-24111.
Quality Improvements
| ASP.NET | - Addresses an issue where after installing the update released on October 20th, some ASP.Net applications fail during precompilation – likely with a message that contains the words “Error ASPCONFIG.” |
|---|---|
| WPF1 | - Addresses a hang when scrolling to the end of a TreeView, when layout rounding is enabled and DPI scaling is not 100%. |
| CLR | - Improves the reliability of automatic Native Image generation task. |
1 Windows Presentation Foundation (WPF)
Known issues in this update
| Symptom | After installing this update, WPF apps may crash with a callstack similar to Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef) at System.Windows.Interop.HwndMouseInputProvider.GetEffectiveClientRect(IntPtr) at System.Windows.Interop.HwndMouseInputProvider.PossiblyDeactivate(IntPtr, Boolean) at System.Windows.Interop.HwndMouseInputProvider.Dispose()This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps. |
|---|---|
| Workaround | To work around this problem, set two AppContext switches using one of the methods described in AppContext Class (System) under the heading “AppContext for library consumers”. The switches are named Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix and Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix and both should be set to “true”. The first switch avoids the crash, but re-introduces the bug fixed in the KBs. The second switch is currently ignored, but will be recognized in a future .NET update that contains a fix for the null-reference crash; it restores the original bug fix. For example, using the app.config file method to apply the workaround at application scope:<AppContextSwitchOverrides value="Switch.System.Windows.Interop.MouseInput.OptOutOfMoveToChromedWindowFix=true; Switch.System.Windows.Interop.MouseInput.DoNotOptOutOfMoveToChromedWindowFix=true " /> |
How to get this update
Install this update
| Release Channel | Available | Next Step |
|---|---|---|
| Windows Update and Microsoft Update | Yes | None. This update will be downloaded and installed automatically from Windows Update. |
| Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website. |
| Windows Server Update Services (WSUS) | Yes | This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Windows 10 Version 1803 Classification: Security Updates |
File information
For a list of the files that are provided in this update, download the file information for cumulative update.
Information about protection and security
- Protect yourself online: Windows Security support
- Learn how we guard against cyber threats: Microsoft Security