.NET Framework August 2020 Security and Quality Rollup Updates
Revised 6/8/2021: On June 8th, 2021, this update was released to replace a previous update to address a “revocation server was offline” error that may occur during installation. If you’ve already installed a previous release of this update, no action is required.
Revised 4/15/2021: On April 13th, 2021, this update was released to replace a previous release of this some updates. See known issues section for more details. If you’ve already installed a previous release of an affected update, no action is required.
Today, we are releasing the August 2020 Security and Quality Rollup Updates for .NET Framework.
Security
CVE-2020-1476– .NET Framework Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when ASP.NET or .NET Framework web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an attacker would need to send a specially crafted request to an affected server. The update addresses the vulnerability by changing how ASP.NET and .NET Framework handle requests.
To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).
A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system. To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a web application. The security update addresses the vulnerability by correcting how .NET Framework processes input.
For more information go to: ControlBuilderInterceptor class
To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).
Quality and Reliability
This release contains the following quality and reliability improvements.
ASP.NET
– Use FIPS-compliant hashes in ASP.Net telemetry data. – Addresses an issue where “Unspecified” was not an allowed value in config for the ‘cookieSameSite’ attribute of the forms authentication and session state configuration sections.
CLR1
– A change in .NET Framework 4.8 regressed certain EnterpriseServices scenarios where an single-thread apartment object may be treated as an multi-thread apartment and lead to a blocking failure. This change now correctly identifies single-thread apartment objects as such and avoids this failure. – Addresses an issue in assemblies with IBC profile data causing Ngen worker processes to crash and fall back to full native images. – Addresses rare crashes that could occur during thread abort delivery.
SQL
– SqlBulkCopy.WriteToServer can cause transactions to in-memory SQL tables, to fail. The client may see an exception with message “Execution Timeout Expired. The timeout period elapsed prior to completion of the operation or the server is not responding.” SqlBulkCopy.WriteToServer was sending an Attention token (cancellation message) after sending data to Sql Server, causing the server to abort the transaction for in-memory tables.
Net Libraries
– Addresses a memory leak in HttpListener.
Winforms
– Addresses an issue with DataGridView IsReadOnlyaccessibility state: Narrator and other accessible tool announces read-only cell status accordingly. – Addresses a regression in .NET Framework 4.8 when applications using the DataGridView ComboBox cell type and have opted into Level 3 Accessibility, may experience intermittent crashes while editing the cell. – Addresses an issue in ClickOnce RFC3161 timestamp verification code.
WCF2
– When using a UPN Windows username with the format similar to username@dns.domain in the username property of a NetworkCredential when using NetTcpBinding or NetNamedPipeBinding, WCF would incorrectly split the username and dns.domain placing them into the UserName and Domain properties. This is invalid in some scenarios and would result in failing to authenticate. This fix removes the credential modification when using a UPN username. The modification can be re-enabled by setting the AppSetting “wcf:enableLegacyUpnUsernameFix” to true.
WPF3
– Addresses an issue when spell-checking is enabled in WPF TextBox or RichTextBox, words like “etc.”, “e.g.” are identified as spelling errors incorrectly. – Addresses an issue when some Per-Monitor Aware WPF applications that run on .NET 4.8 may occasionally encounter a crash with exceptionSystem.ComponentModel.Win32Exception. – Addresses an issue where TextBlock reflows (makes different line-breaking decisions) during render and hit-test, vs. during measure. The symptoms include missing text, and FailFast crashes during programmatic text processing. – Addresses an issue with a render thread failure caused by HostVisual disconnecting its target on the wrong thread. – Addresses an issue with a hang while scrolling a TreeView whose tree is non-uniform, in the sense thata given node’s children govern subtrees whose sizes are quite different. – Addresses an issue with a crash that can occur when closing a tooltip that is re-entrantly closed by user code. – When an HwndHost leaves the visual tree, a stack trace is created. This is expensive, and usually unnecessary. The logic is now changed to create the stack trace only when the anomalous condition occurs. – Addresses a memory leak in System.Speech.SpeechSynthesizer. – DataGrid’s Copy command throws an exception if the system clipboard is locked by another process. This crashes, as there is usually no app code on the stack to catch the exception. The behavior of TextBox (and other apps like Notepad, Word, browsers) in this situation is to fail silently – nothing is copied to the clipboard, but no exception. A WPF app can now opt-in to this behavior by setting in its app.config file. – Addresses an issue in constructing the internal model for a FixedPage document. Some text was appearing in the wrong order for the purposes of editing operations such as selection and copy/paste.
Windowsforms Accessibility Improvements
In this release we are adding new accessibility improvements that your application can opt-in into. By default these changes are disabled. Applications that opt-in into accessibility features introduced in .NET 4.8 and earlier, can add the following compatibility switch to the application’s config file:
“Switch.UseLegacyAccessibilityFeatures.4=false”
Specifically, if an application targets .NET 4.8, add the following AppContextSwitchOverrides section:
<?xml version="1.0" encoding+"utf-8" ?> <configuration> <startup> <supportedRuntime version="v4.0" sku=".NETFramework,Versionv4.8" /> </startup> <runtime> <!-- AppContextSwitchOverrides value attribute is in the form of key1=true|false;key2=true|false --> <AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures.4=false"/> </runtime> </configuration>
If an application targets an earlier version of the framework and opts in into the previously release sets of accessibility features, then add a single “Switch.UseLegacyAccessibilityFeatures.4=false” switch to the existing AppContextSwitchOverrides section:
<?xml version="1.0" encoding+"utf-8" ?> <configuration> <startup> <supportedRuntime version="v4.0" sku=".NETFramework,Versionv4.7"/> </startup> <runtime> <!-- AppContextSwitchOverrides value attribute is in the form of key1=true|false;key2=true|false --> <AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false|Switch.UseLegacyAccessibilityFeatures.2=false|Switch.UseLegacyAccessibilityFeatures.3=false|Switch.UseLegacyAccessibilityFeatures.4=false"/> </runtime> </configuration>
Winforms accessibility improvements included in this release are: – Addresses an issue with announcing PropertyGrid control items and categories expanded/collapsed state by Screen Readers.
– Updated the accessible patterns of Property Grid control and its inner elements.
– Updated the accessible names of Property Grid control inner elements to correctly announce these by screen reader.
– Addressesbounding rectangle accessible properties for the PropertyGridView controls
– Enables screen readers to announce DataGridView ComboBox cell expanded/collapsed state correctly.
1 Common Language Runtime (CLR) 2 Windows Communication Foundation (WCF) 3 Windows Presentation Foundation (WPF)
Known issues in this security update
| Symptom | Customers using Windows 7 SP1, Windows Server 2008 R2 SP1 or Windows Server 2008, this update does not install, and it returns either or both of the following error messages:
|
| Workaround |
This issue was corrected by the latest release of this update. If you’ve already installed a previous release of this update, no action is required. |
Getting the Update
The Security and Quality Rollup is available via Windows Update, Windows Server Update Services, and Microsoft Update Catalog. The Security Only Update is available via Windows Server Update Services and Microsoft Update Catalog.
Microsoft Update Catalog
You can get the update via the Microsoft Update Catalog. For Windows 10, NET Framework 4.8 updates are available via Windows Update, Windows Server Update Services, Microsoft Update Catalog. Updates for other versions of .NET Framework are part of the Windows 10 Monthly Cumulative Update.
**Note**: Customers that rely on Windows Update and Windows Server Update Services will automatically receive the .NET Framework version-specific updates. Advanced system administrators can also take use of the below direct Microsoft Update Catalog download links to .NET Framework-specific updates. Before applying these updates, please ensure that you carefully review the .NET Framework version applicability, to ensure that you only install updates on systems where they apply.
The following table is for Windows 10 and Windows Server 2016+ versions.
| Product Version | Cumulative Update | |
|---|---|---|
| Windows 10 2004 and Windows Server, version 2004 | ||
| .NET Framework 3.5, 4.8 | Catalog | 4569745 |
| Windows 10 1909 and Windows Server, version 1909 | ||
| .NET Framework 3.5, 4.8 | Catalog | 4569751 |
| Windows 10 1903 and Windows Server, version 1903 | ||
| .NET Framework 3.5, 4.8 | Catalog | 4569751 |
| Windows 10 1809 (October 2018 Update) and Windows Server 2019 | 4570505 | |
| .NET Framework 3.5, 4.7.2 | Catalog | 4569776 |
| .NET Framework 3.5, 4.8 | Catalog | 4569750 |
| Windows 10 1803 (April 2018 Update) | ||
| .NET Framework 3.5, 4.7.2 | Catalog | 4571709 |
| .NET Framework 4.8 | Catalog | 4569749 |
| Windows 10 1709 (Fall Creators Update) | ||
| .NET Framework 3.5, 4.7.1, 4.7.2 | Catalog | 4571741 |
| .NET Framework 4.8 | Catalog | 4569748 |
| Windows 10 1703 (Creators Update) | ||
| .NET Framework 3.5, 4.7, 4.7.1, 4.7.2 | Catalog | 4571689 |
| .NET Framework 4.8 | Catalog | 4569747 |
| Windows 10 1607 (Anniversary Update) and Windows Server 2016 | ||
| .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 4571694 |
| .NET Framework 4.8 | Catalog | 4569746 |
| Windows 10 1507 | ||
| .NET Framework 3.5, 4.6, 4.6.1, 4.6.2 | Catalog | 4571692 |
The following table is for earlier Windows and Windows Server versions.
| Product Version | Security and Quality Rollup | Security Only Update | ||
|---|---|---|---|---|
| Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2 | 4570508 | 4570502 | ||
| .NET Framework 3.5 | Catalog | 4569768 | Catalog | 4569737 |
| .NET Framework 4.5.2 | Catalog | 4569778 | Catalog | 4569741 |
| .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 4569774 | Catalog | 4569739 |
| .NET Framework 4.8 | Catalog | 4569753 | Catalog | 4569732 |
| Windows Server 2012 | 4570507 | 4570501 | ||
| .NET Framework 3.5 | Catalog | 4569765 | Catalog | 4569734 |
| .NET Framework 4.5.2 | Catalog | 4569779 | Catalog | 4569742 |
| .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 4569773 | Catalog | 4569738 |
| .NET Framework 4.8 | Catalog | 4569752 | Catalog | 4569731 |
| Windows 7 SP1 and Windows Server 2008 R2 SP1 | 4570506 | 4570500 | ||
| .NET Framework 3.5.1 | Catalog | 4569767 | Catalog | 4569736 |
| .NET Framework 4.5.2 | Catalog | 4569780 | Catalog | 4569743 |
| .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 4569775 | Catalog | 4569740 |
| .NET Framework 4.8 | Catalog | 4569754 | Catalog | 4569733 |
| Windows Server 2008 | 4570509 | 4570503 | ||
| .NET Framework 2.0, 3.0 | Catalog | 4569766 | Catalog | 4569735 |
| .NET Framework 4.5.2 | Catalog | 4569780 | Catalog | 4569743 |
| .NET Framework 4.6 | Catalog | 4569775 | Catalog | 4569740 |
Previous Monthly Rollups
The last few .NET Framework Monthly updates are listed below for your convenience:
– July 2020 Cumulative Update Preview for Windows 10, version 2004 – July 2020 Cumulative Update Preview – July 2020 Security and Quality Rollup Updates – May 2020 Security and Quality Rollup Updates
Light
Dark
1 comment
Hello Tara,
please forward this to Windows 7 Team.
The update kb4040980 (kb4041083 and kb4049016)) should be merged with kb4569767 while replaced.
Same with the 3 updates:
kb2931356
kb2894844
kb2836943-v2
Those 2 updates should be merged too:
kb2789645
kb3023215
All those updates should not be available in Windows Update while Rollup Update is installed or integrated!
edit: It would be nice if all .net updates merged into the rollup update.
Thank you!