Today, we are releasing the October 2022 Security and Quality Rollup Updates for .NET Framework.
Security
For Windows 11, version 22H2 and Microsoft server operating system, version 22H2 the October Security and Quality Rollup Update is cumulative and contains all previously released security improvements. For all other windows versions the October Security and Quality Rollup Update does not contain any new security fixes. See September 2022 Security and Quality Rollup for the latest security updates.
Quality and Reliability
This release contains the following quality and reliability improvements.
WPF1
- Addresses an issue of WPF apps not working with “Text Cursor Indicator” enabled when using RichTextBox.
- Addresses an issue to allow users to adjust column width for Datagrid and Gridview controls using keybord.
- Addresses an issue where opening a tooltip causes an ArgumentOutOfRangeException, when the app has changed the floating-point control word.
- Addresses an issue where invoking a synchronization Wait on the UI thread can lead to a render-thread failure, due to unexpected re-entrancy.
- Addresses issues arising in TreeView (or ListBox/DataGrid with grouping enabled) when changing the underlying collection(s) while also collapsing or expanding TreeView nodes. Scrolling actions, especially “short” actions like LineUp or MouseWheelUp, can result in poor outcomes: hangs, crashes, unexpected scrolling, gaps in the display, etc.
- Addresses an issue where DWM failures can cause WPF’s render thread to fail. An app can opt-in to the behavior of ignoring all DwmFlush errors by setting a regkey in HKCU\Software\Microsoft\Avalon.Graphics\IgnoreDwmFlushErrors or HKLM\Software\Microsoft\Avalon.Graphics\IgnoreDwmFlushErrors whose name is the full path to the .exe that wants to opt-in, and whose DWORD value is 1.
Winforms
- Enabled Narrator to focus on System.Windows.Forms.DataGridView control even if it’s empty.
- Improved keyboard navigation in ToolStrip ComboBox and TextBox items.
- Improved color contrast in System.Windows.Forms.DataGridView control’s link cells.
Workflow
- Addresses an issue when users interact with the Workflow Designer, they might encounter incorrectly disabled context menu items when right clicking on a variable in the component variables list.
.NET Runtime
- Adjusted GC Heap Hard Limit configuration, as well as processor interpretation for .NET Framework container scenarios.
- Improved reliability of managed debugging on arm64.
- Improved security of code identified by internal compliance scans.
- Improved deterministic output capability in ilasm.exe.
Networking
- Addresses an issue when Ssl negotiation can hang indefinitely when client certificates are used when TLS 1.3 is negotiated. Before the change renegotiation (PostHandshakeAuthentiction) would fail and SslStream or HttpWebRequest would observe timeout. Possible workaround is disabling TLS 1.3 either via Switch.System.Net.DontEnableTls13 AppContext or via OS registry.
1 Windows Presentation Foundation (WPF)
Getting the Update
The Security and Quality Rollup is available via Windows Update, Windows Server Update Services, and Microsoft Update Catalog.
Note: Customers that rely on Windows Update and Windows Server Update Services will automatically receive the .NET Framework version-specific updates. Advanced system administrators can also take use of the below direct Microsoft Update Catalog download links to .NET Framework-specific updates. Before applying these updates, please ensure that you carefully review the .NET Framework version applicability, to ensure that you only install updates on systems where they apply.
The following table is for Windows 10, version 1607 and Windows Server 2016 versions and newer operating systems.
Product Version | Cumulative Update | |
---|---|---|
Windows 11, version 22H2 | 5017271 | |
.NET Framework 3.5, 4.8.1 | Catalog | 5017271 |
Windows 11, version 21H2 | 5018546 | |
.NET Framework 3.5, 4.8 | Catalog | 5017264 |
.NET Framework 3.5, 4.8.1 | Catalog | 5017267 |
Microsoft server operating system, version 22H2 | 5018541 | |
.NET Framework 3.5, 4.8 | Catalog | 5017265 |
Microsoft server operating system version 21H2 | 5018551 | |
.NET Framework 3.5, 4.8 | Catalog | 5017265 |
.NET Framework 3.5, 4.8.1 | Catalog | 5017268 |
Windows 10, version 22H2 | 5017888 | |
.NET Framework 3.5, 4.8 | Catalog | 5017262 |
.NET Framework 3.5, 4.8.1 | Catalog | 5017266 |
Windows 10, version 21H2 | 5018545 | |
.NET Framework 3.5, 4.8 | Catalog | 5017262 |
.NET Framework 3.5, 4.8.1 | Catalog | 5017266 |
Windows 10, version 21H1 | 5018544 | |
.NET Framework 3.5, 4.8 | Catalog | 5017262 |
.NET Framework 3.5, 4.8.1 | Catalog | 5017266 |
Windows 10, version 20H2 | 5018543 | |
.NET Framework 3.5, 4.8 | Catalog | 5017262 |
.NET Framework 3.5, 4.8.1 | Catalog | 5017266 |
Windows 10, version 1809 (October 2018 Update) and Windows Server 2019 | 5018542 | |
.NET Framework 3.5, 4.7.2 | Catalog | 5017270 |
.NET Framework 3.5, 4.8 | Catalog | 5017263 |
Windows 10, version 1607 (Anniversary Update) and Windows Server 2016 | ||
.NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5018411 |
.NET Framework 4.8 | Catalog | 5018515 |
The following table is for earlier Windows and Windows Server versions.
Product Version | Security and Quality Rollup | |
---|---|---|
Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2 | 5018549 | |
.NET Framework 3.5 | Catalog | 5016268 |
.NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5018523 |
.NET Framework 4.8 | Catalog | 5018519 |
Windows Server 2012 | 5018548 | |
.NET Framework 3.5 | Catalog | 5013635 |
.NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5018522 |
.NET Framework 4.8 | Catalog | 5018518 |
Windows 7 SP1 and Windows Server 2008 R2 SP1 | 5018547 | |
.NET Framework 3.5.1 | Catalog | 5013637 |
.NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5018521 |
.NET Framework 4.8 | Catalog | 5018516 |
Windows Server 2008 SP2 | 5018550 | |
.NET Framework 2.0, 3.0 | Catalog | 5013636 |
.NET Framework 4.6.2 | Catalog | 5018521 |
Previous Monthly Rollups
The last few .NET Framework Monthly updates are listed below for your convenience:
Hi @salini,
It has been mentioned that only for Windows 11, version 22H2 and Microsoft server operating system, version 22H2 the February Security and Quality Rollup Update is cumulative and contains all previously released security improvements.
We would like to know if it has anything to do with February updates and just typo.
We also see new updates for Windows 10 1607 (Anniversary Update) and Windows Server 2016 ( 5018411 and 5018515) though it has been mentioned "For...
Hi Dhanraj,
“For all other windows versions The October Security and Quality Rollup Update does not contain any new security fixes” – this means that it does not have any security fixes, but it does contain the quality and reliability fixes and improvements listed.
Yes, the “February” was typo and fixed.