.NET Framework June 2021 Security and Quality Rollup Updates
Today, we are releasing the June 2021 Security and Quality Rollup Updates for .NET Framework.
Security
The June Security and Quality Rollup Update does not contain any new security fixes. See February 2021 Security and Quality Rollup for the latest security updates.
Quality and Reliability
This release contains the following quality and reliability improvements.
CLR1
- Addresses a performance issue caused by incorrect configuration in the GC.
- Addresses an issue where a background GC could pause the runtime for a long period of time if a large managed heap is filled with long lived objects with a deep chain of references.
- Addresses an issue where crashes could occur if security stackwalks were generated during ThreadAbortException handling.
NCL2
- .NET Framework 4.8 will now allow to negotiate TLS 1.3 if underlying OS supports it.
WPF3
- Addresses an issue when rapid typing using an IME can crash via FailFast.
- Addresses an issue where Thaana characters displayed in left-to-right order.
- Addresses a crash when WebBrowser receives a completion event for a navigation it tried to cancel.
1 Common Language Runtime (CLR) 2 Network Class Library (NCL) 3 Windows Presentation Foundation (WPF)
Getting the Update
The Security and Quality Rollup is available via Windows Update, Windows Server Update Services, and Microsoft Update Catalog.
Microsoft Update Catalog
You can get the update via the Microsoft Update Catalog.
**Note**: Customers that rely on Windows Update and Windows Server Update Services will automatically receive the .NET Framework version-specific updates. Advanced system administrators can also take use of the below direct Microsoft Update Catalog download links to .NET Framework-specific updates. Before applying these updates, please ensure that you carefully review the .NET Framework version applicability, to ensure that you only install updates on systems where they apply.
The following table is for Windows 10 and Windows Server 2016+ versions.
| Product Version | Cumulative Update | |
|---|---|---|
| Windows 10 version 21H1 | ||
| .NET Framework 3.5, 4.8 | Catalog | 5003254 |
| Windows 10, version 20H2 and Windows Server, version 20H2 | ||
| .NET Framework 3.5, 4.8 | Catalog | 5003254 |
| Windows 10 version 2004 and Windows Server, version 2004 | ||
| .NET Framework 3.5, 4.8 | Catalog | 5003254 |
| Windows 10 version 1909 | ||
| .NET Framework 3.5, 4.8 | Catalog | 5003256 |
| Windows 10 version 1809 (October 2018 Update) and Windows Server 2019 | 5003778 | |
| .NET Framework 3.5, 4.7.2 | Catalog | 5003258 |
| .NET Framework 3.5, 4.8 | Catalog | 5003255 |
| Windows 10 version 1607 (Anniversary Update) and Windows Server 2016 | ||
| .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5003638 |
| .NET Framework 4.8 | Catalog | 5003542 |
The following table is for earlier Windows and Windows Server versions.
| Product Version | Security and Quality Rollup | |
|---|---|---|
| Windows 8.1, Windows RT 8.1 and Windows Server 2012 R2 | 5003781 | |
| .NET Framework 3.5 | Catalog | 4578953 |
| .NET Framework 4.5.2 | Catalog | 4578956 |
| .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5003549 |
| .NET Framework 4.8 | Catalog | 5003545 |
| Windows Server 2012 | 5003780 | |
| .NET Framework 3.5 | Catalog | 4578950 |
| .NET Framework 4.5.2 | Catalog | 4578954 |
| .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5003548 |
| .NET Framework 4.8 | Catalog | 5003544 |
| Windows 7 SP1 and Windows Server 2008 R2 SP1 | 5003779 | |
| .NET Framework 3.5.1 | Catalog | 4578952 |
| .NET Framework 4.5.2 | Catalog | 4578955 |
| .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2 | Catalog | 5003547 |
| .NET Framework 4.8 | Catalog | 5003543 |
| Windows Server 2008 | 5003782 | |
| .NET Framework 2.0, 3.0 | Catalog | 4578951 |
| .NET Framework 4.5.2 | Catalog | 4578955 |
| .NET Framework 4.6 | Catalog | 5003547 |
Previous Monthly Rollups
The last few .NET Framework Monthly updates are listed below for your convenience:
- .NET Framework May 2021 Cumulative Update Preview
- .NET Framework May 2021 Security and Quality Rollup Updates
- .NET Framework February 2021 Cumulative Update Preview for Windows 10 2004, Windows Server, version 2004, Windows 10, version 20H2 and Windows Server, version 20H2
- .NET Framework February 2021 Cumulative Update Preview for .NET Framework.
Light
Dark
13 comments
The “Security” section says:
“The February Security and Quality Rollup Update does not contain any new security fixes. See February 2021 Security and Quality Rollup for the latest security updates.”
Should it instead say the following?
“The June Security and Quality Rollup Update does not contain any new security fixes. See February 2021 Security and Quality Rollup for the latest security updates.”
Thanks for catching that typo Kalle! I have corrected the issue and re-published the post.
Does this update supersede KB4601051 (February update)? I noticed after installing this months update, that in the registry and cbs.log, the February update is marked as superseded. But when looking at the catalog online it doesn’t mention that.
Installing the June Security and Quality rollup from Windows Update will supersede previous releases, including the February Security and Quality rollup. If you install updates from WSUS or Catalog the June Security and Quality rollup will not supersede the February Security and Quality rollup. This supersedence strategy allows Windows Update to offer only the latest update and allows WSUS and Catalog customers to choose the latest security release or the latest release when there is no new security improvements.
Hi Tara,
Historically, my organisation has deployed packages containing multiple .NET security updates that have been downloaded from the update catalog, including the latest rollup at the time.
However, my understanding is that the latest rollup is cumulative and includes all previous security fixes therefore, if I have a fresh install of .NET, I shouldn’t need to install any .NET security updates besides the most recent rollup. As things stand currently, this would be the June security rollup which contains all previous security updates (the latest being from Feb ‘21). I’d like to confirm that I have got this correct.
I did ask a question on the Microsoft Help forum to confirm whether my understanding is correct but I didn’t get a definite response and there were suggestions of installing earlier updates as well as the latest roll up. Please could you advise if I am correct in my understanding?
For info, my Help forum post is here.
Many thanks.
Hi Logie,
You are correct in your understanding. The latest rollup is cumulative and includes all previous security fixes. If you have a fresh install of .NET, then install the latest rollup update you will be up-to-date. Currently, the latest update is the June Security and Quality Rollup (which does contain the latest security fixes from Feb ’21).
Thanks for the reply, Tara. Much appreciated.
Why does this update not appear on the .NET Update History page?
Thanks for reporting this, the issue has been fixed on the .NET Update History page.
Tara, how can I know if I’m affected by this issues: “Addresses an issue where a background GC could pause the runtime for a long period of time if a large managed heap is filled with long lived objects with a deep chain of references.”?
Thanks
Agree. Good question. Is there any information about these circumstances so we can determine if this change may help? Even if not, such details are always good to read. Would you be able to point us to a blog post, or a similar fix that may have landed in .net core?
Also, do we need to opt in to tls 1.3 at all? What setting might govern the opt-in, or opt-out of this change? I just had to set an enum flags value earlier this week to opt-in to tls 1.2 to get a particular web service working so I’m very curious to know if I could extend this enum flags further, or if I don’t need to touch it.
Thanks
When this uncommon issue is experienced you may use a profiler (e.g. PerfView) to determine whether or not you are affected by the underlying issue. In particular, you should see: 1) A long GC pause, 2) That long GC pause is associated with a background GC and 3) observe some ETW events of this type (Microsoft-Windows-DotNETRuntimePrivate/GC/BGCOverflow) emitted from the runtime.
Thanks Tara!