Release Date:
January 11, 2022Version:
.NET Framework 3.5 and 4.8Summary
Security Improvements
This security update addresses an issue where an unauthenticated attacker could cause a denial of service on an affected system. For more information please see CVE-2022-21911.
Quality and reliability improvements
WPF1 |
- Addresses an issue where WPF does not respond to touch if the WPF window was activated by a touch manipulation (e.g. swiping a listbox). - Adds a mitigation for an issue involving tearing, flickering, or incorrect composition of visual content under high GPU-load conditions. - Addresses an issue where the extra information associated with a WM_KEYDOWN message is discarded before the handlers for the PreviewKeyDown or KeyDown events can retrieve it via GetMessageExtraInfo. - Addresses an issue where AutomationElement.FindFirst or FindAll do not search the subtree of an hwnd whose UIA_WindowVisibilityOverridden property is set to 1. - Addresses an issue where a binding on TextBox.Text with UpdateSourceTrigger=PropertyChanged produces incorrect results when the Microsoft Quick IME is used. |
SQL Connectivity |
- Under certain error cases caused due to NullReferenceException thrown while populating SqlParameter values using customer provided delegates, the SqlClient driver may not cleanup the state of connection state. The connection in bad state, can make its way into the connection pool and may be picked up for reuse causing unexpected failures on the connection. If such a condition is recognized, an AppContext Switch “Switch.System.Data.SqlClient.CleanupParserOnAllFailures”, may be enabled to clean up connections on any kind of failures even while running into errors with delegates. |
WCF2 |
- Addresses a failure to correctly timeout a failed request when making an asynchronous WCF call over HTTP. If the service has sent a partial response message and fails to send the remainder of the response, the client may not fail the call after the configured timeout. |
1 Windows Presentation Foundation (WPF)
2 Windows Communication Foundation (WCF)Known issues in this update
Microsoft is not currently aware of any issues in this update.
How to get this update
Install this update
Release Channel |
Available |
Next Step |
Windows Update and Microsoft Update |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
Windows Update for Business |
Yes |
None. This update will be downloaded and installed automatically from Windows Update. |
Microsoft Update Catalog |
Yes |
To get the standalone package for this update, go to the Microsoft Update Catalog website. |
Windows Server Update Services (WSUS) |
Yes |
This update will automatically sync with WSUS if you configure Products and Classifications as follows: Product: Windows 10, version 1809 and Windows Server, version 2019 Classification: Security Updates |
File information
For a list of the files that are provided in this update, download the file information for cumulative update.
Additional information about this update
The following articles contain additional information about this update as it relates to individual product versions.
-
5009718 Description of the Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019 (KB5009718)
Information about protection and security
-
Protect yourself online: Windows Security support
-
Learn how we guard against cyber threats: Microsoft Security