Did Microsoft pull the .NET 3.5.1 update KB 4014504?

Topic

New Reply

Sure looks like it. The Update Catalog doesn’t have an entry for KB 4014504, the “Security and Quality Rollup for the .NET Framework 3.5.1 for Windows
[See the full post at: Did Microsoft pull the .NET 3.5.1 update KB 4014504?]

3 users thanked author for this post.

Elly, HiFlyer, AJNorth

Reply | Quote

Replies

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4019112

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/04/windows6.1-kb4014504-x86_19943397671b6e639eaa94f91ecc506de823496b.msu

Reply | Quote

There it is!

KB 4019112

Reply | Quote

Try the Security Only KB4019108

http://www.catalog.update.microsoft.com/Search.aspx?q=4019108

Reply | Quote

KB4019108 and KB4019112 have not been pulled.
There is a chance that they have been temporarily retired to have their supersedence modified, which has been a common occurrence with the .NET updates mid-cycle for few months. The issue is caused by the release of the Security Only update which messes the supersedence, too difficult to explain in words to those who do not use Enterprise tools. Bottom line is that the only tool usable by home users is Windows Update. The Catalog is not for home users and has never been intended to be, except for the one off issue of an odd update not installing correctly from Windows Update.

Reply | Quote

Now that this article has been found, is there any cause for concern?

I have this update installed as DEFCON-3 had been invoked.

Also, it should be noted that since the return of DEFCON-3 and the installation of May 2017 updates for my W7 machine, I will occasionally have a command prompt window for taskeng.exe appear for a maximum of 1 second and then disappear, as if a background command has been initiated and is running its course appropriately. It does not appear malicious, but it’s new – that’s for sure.

Reply | Quote

There’s an article from Martin Brinkmann on ghacks.net about the disappearing popup you have noticed:
https://www.ghacks.net/2017/05/30/what-is-that-popup-on-windows-10-that-disappears-after-a-split-second/

1 user thanked author for this post.

ch100

Reply | Quote

@Kirsty
Excellent find! Very good information, courtesy Martin Brinkmann.

1 user thanked author for this post.

Kirsty

Reply | Quote

An update from answers.microsoft.com:

Answer
Gregory Jensen replied on May 30, 2017

This issue is fixed starting with build 16.0.8201.2025 which is now available as the latest update for those participating in the Office Insiders Slow program. It will be included in a future update for those not participating in Insiders.

For more information on joining Office Insiders see the Office Insider page.

Thank you everyone for reporting this issue!

Reply | Quote

I’m in Group B and  KB4019112 was the only .NET update offered to me by Microsoft when I installed the May updates after Woody issued the Defcon 3 in May.   But now that I check my installed updates,  I see that KB4014504 installed instead,  and there is no KB4019112 that installed.   What should I do about this?

Reply | Quote

Please read the information here
https://www.askwoody.com/forums/topic/did-microsoft-pull-the-net-3-5-1-update-kb-4014504/?view=all#post-118700

Each version of .NET has a separate KB number. KB4019112 is the composite, KB4014504 is the individual patch.

1 user thanked author for this post.

SueW

Reply | Quote

You will find KB4019112 listed in “Update History”. KB4014504 is the corresponding .msu offering, applying to the .NET version that shipped with Windows and listed in “Installed Updates”. With optional .NET versions 4.5.2, 4.6, 4.6.1, 4.6.2 installed, one or more of KB4014508, KB4014511 and KB4014514 will get added to the list.

Regards, VZ

Reply | Quote

G’day Woody – there seems to be some issues with both the May NET Security only ( kb4019108 ) can’t download individual patches and the May NET ROLLUP ( kb4019112 ) – see below . I had an exchange with PKCano on May21 MS-DEFCON 3 posts about this and today I posted this below – hope you don’t mind the duplicate but it is in response to YOUR question of today :

There appears to even be issues with the NET Security and Quality Rollup version – kb 4019112 – as over in Seven Help forum – quite a few complaints about problems downloading – as well as installing it ( taking ages , if at all )

Yesterday, from Windows Update Catalog, I was able to download 1 of the individual files from it – kb4014504 ( NET 3.5.1 ) – this morning it says ” We did not find any results for “kb4014504” – so it looks like that has been pulled as well

Rick in Oz

1 user thanked author for this post.

woody

Reply | Quote

When you downloaded KB4014504 yesterday, you actually queried KB4019112 which has no file. In turn, the file KB4014504 has no Catalog entry. Still it’s available like yesterday.

Reply | Quote

I’m again unable to download the linked Windows 7 4.6.2 .NET updates today (link followed from KB4019108)

It’s only showing a Server 2008 version, which won’t install when downloaded.

Reply | Quote

So is it safe to download/install KB4014504? I’m planning to download/install the main updates tomorrow night?

So can somebody please tell me if the .net update is safe to install and won’t take long? Or should I hide it and install the rest? Or is there a manual update download for the update?

Reply | Quote

Chances are good that it won’t be offered. If it’s offered and checked, uncheck it.

Reply | Quote

There were TWO .Net Framework updates offered through WU for Windows 7 in May.  They were:

KB4014504 = Security and Quality Rollup for the .NET Framework 3.5.1 for Windows 7 and Windows Server 2008 R2.  In the update description this appears to be a single target security fix and not a roll-up in spite of what the title says.

and

KB4019112 = Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 on Windows 7 and Server 2008 R2

Searching the Update Catalog now for KB4014504 yields no return so it’s been pulled.  The update decription did sound like it could break rather than fix something if it went bad.

“I’m seeing reports of problems all over the place….” isn’t exactly helpful.  What problems???

Viper

1 user thanked author for this post.

woody

Reply | Quote

There was also a Windows 7 Security Only update showing as issued, but this is no longer/not currently accessible in MS Catalog.

Kirsty wrote:

From Description of Software Update Services and Windows Server Update Services changes in content for 2017.

May, 2017 Security Only Update for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 on Windows Embedded Standard 7, Windows 7, and Windows Server 2008 R2 (KB4019108)
http://support.microsoft.com/kb/4019108

The linked downloads show as Server 2008 only, and do not install on Windows 7.

Reply | Quote

I’m working from my phone, so it’s hard to aggregate the reports I’ve seen. The reports I’ve seen are general confusion, the patch is not available, or it won’t install.

Reply | Quote

I hate to “assume” but it appears that’s all I’ve got at the moment until a little clarification takes place… so here goes!

Would I be correct in assuming if the .NET update downloaded & installed OK through Windows Update that I don’t have anything to worry about?

Reply | Quote

Ed wrote:

I hate to “assume” but it appears that’s all I’ve got at the moment until a little clarification takes place… so here goes!

Would I be correct in assuming if the .NET update downloaded & installed OK through Windows Update that I don’t have anything to worry about?

Absolutely!
Anything else is just waste of time or maybe hobby for some.

Reply | Quote

Well according to this KB4014504 was superceded and removed.

http://windows-update-checker.com/hotfix/x64/x64%20change%20log.txt

Viper

Reply | Quote

The update in indeed replace with May Preview rollup KB4014596, but it’s still requested by WU

Reply | Quote

Are the .NET updates cumulative updates?

Reply | Quote

The Security & Quality Rollups supersede the previous month’s update. They are Cumulative.
I don’t believe the Security-only ones are.

Reply | Quote

This patch isn’t listed in the MS update catalogue but it is apparently the .net security only patch for may, is this site known to be reputable?

 

https://www.manageengine.com/products/desktop-central/patch-management/Dot-NET-Framework-4.6/ndp46-kb4014591-x64.html

Reply | Quote

The .NET patches consist of four parts, one for each of the four versions of .NET available. You cannot search the Catalog for the individual parts, only the main update. If you search by that KB number, click on the title of the update that allpies, then click on “More Information” in the box that pops up, you will see the individual patches. You only need the one(s) for the version(s) of .NET you have installed.

anonymous wrote:

This patch isn’t listed in the MS update catalogue but it is apparently the .net security only patch for may, is this site known to be reputable?

If the patch is not offered in the MS Catalog, it is for a reason. I don’t recommend downloading it from another site.

2 users thanked author for this post.

abbodi86, ch100

Reply | Quote

Is this specific for only a particular version of windows?

If the .NET 3.5.1 update for May offered from windows update installed smoothly (I installed it last week when the level changed to MS-DEFCON 3), should I uninstall it then?

Reply | Quote

If you installed it and are not having problems, I would leave it alone.

1 user thanked author for this post.

HiFlyer

Reply | Quote

Are the problems from this KB noticeable by the average user?

Reply | Quote

The problems apparently were in the metadata, having to due with the supersedence chain. No reinstall is required. If you installed it, you don’t have to do anything.

3 users thanked author for this post.

Lori, HiFlyer, SueW

Reply | Quote

Woody,

This morning I was able to locate KB4014504 in the windows catalog by looking up the May, 2017 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 on Windows 7 and Server 2008 R2 for x64 (KB4019112) in the catalog. The catalog indicates that the last update was 5/5/17.  I then chose the correct version for my system and clicked on download. The window that opened gave me a choice of 4 different downloads. One of which is KB4014504.

I’ve enclosed a screen capture of the page.

Reply | Quote

PKCano wrote:

The .NET patches consist of four parts, one for each of the four versions of .NET available. You cannot search the Catalog for the individual parts, only the main update. If you search by that KB number, click on the title of the update that allpies, then click on “More Information” in the box that pops up, you will see the individual patches. You only need the one(s) for the version(s) of .NET you have installed.

Try this method

Reply | Quote

I installed  KB4019112 ok at the end of last week on both my Windows 7 machines. Thus far all seems normal. It’s the only .Net Framework update that was offered through WU.

Reply | Quote

FWIW I installed Rollup for .NET KB4019112 on 8 Win7 64 boxes and saw CPU use rise substantially. It was almost certainly attributable to that patch, since I install roll-ups one at a time with a restart and manual restore point in between and the .NET patches are last ones installed. Prior to the May 2017 patches, my approach to win updates as  “let me know and I’ll decide” which was not causing excess CPU usage. When the .Net patch ran up CPU use, I switched to the more conservative, “Don’t check” strategy Woody recommended and the CPU overrun stopped.

1 user thanked author for this post.

Cascadian

Reply | Quote

I often observe a break-in period. I think that applies in many senses of the words.

Whether the new item is making room for itself in the code, or executing first time commands, or searching for and creating its new database to function; I’m generally not worried if it doesn’t peg the meter on a runaway. This is not always apparent immediately either, as it may wait for some unknown trigger event assigned by Microsoft to stagger conflicts, or make identity difficult, depending on your point of view.

If it remains outside my comfort zone for longer than I care [definitely a moving target, that], I try to find others with the same complaint. Failing that, I assume it is the strange mix of local conditions.

In my instance, I jumped Woody’s signal by a few hours, and gracelessly went full Group A for the first time in a long time. Rollups as offered, no previews. Only complaint noted has been the delayed pageloads discussed here: https://www.askwoody.com/forums/topic/browsers-not-accessing-sites-intermittantly/

But that was only one machine, maybe I got lucky.

Reply | Quote

I checked the link from that 3rd parties web site for this patch and it appears to be downloading from MS So there shouldn’t be any issues

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/04/ndp46-kb4014591-x64_9bcdec650701d5e98aa21b47b50771817c9504df.exe

Reply | Quote

From .NET Framework May 2017 Security and Quality Rollup:

“The May 2017 Update includes incorrect patch metadata that can cause the Microsoft Baseline Security Analyzer (MBSA) or Windows Update to report that the May 2017 Update (or parts of it) is missing.

This issue will be fixed automatically with an update to Windows Update patch metadata. No action will be required on your part. This post will be updated when that happens.”

3 users thanked author for this post.

Elly, ch100, PKCano

Reply | Quote

Metadata changes to May 2017 Security Only Updates were released on May 30. See https://support.microsoft.com/en-us/help/894199/description-of-software-update-services-and-windows-server-update-services-changes-in-content-for-2017 for more info.

Reply | Quote

From https://blogs.msdn.microsoft.com/dotnet/2017/05/09/net-framework-may-2017-monthly-rollup/:

“Updated (2015/05/31): Reported that known issue with patch metadata is fixed.”

Reply | Quote

How am I supposed to understand the use of the word “quality”?

2 users thanked author for this post.

Cascadian, HiFlyer

Reply | Quote

A pinch of salt, or a dose of satire can be helpful.

Reply | Quote

By recognising that MS only call it a “Quality” update, they don’t define the level of quality… ;)!

Reply | Quote

I installed KB4019112 on 2008 R2 shortly after release. After that, it took 30+ minutes to be able to login to the server via RDP. (If you were lucky. Often, you’d just stare at blank “desktop” and get disconnected after some minutes. The actual offending POS was KB4014514o.

Had to remove the thing via psexec \\server wusa /uninstall /kb:4014514

Needless to say, I don’t plan to install any of these .Net “patches” anytime soon.

MS’s testing is abysmal/non-existent.

Reply | Quote

Just installed update for net 4.6.2 and it went well.

Reply | Quote

Anyone have a list of all the net framework security only update’s kb number’s hard to keep track ?

Reply | Quote

For May, check here: https://www.askwoody.com/forums/topic/security-only-net-updates-may-2017/

There is also a topic in that section for the April security-only updates.

Reply | Quote

Okay I got a question-Will the new security only .net appear when you scan using windows update or is there a manual download link? I need to know so I know what to do.

Reply | Quote

The Security-only .NET updates are not offered through Windows Update. They have to be downloaded from the MS Update Catalog and manually installed. The links are here, along with the instructions for finding the one(s) you need.
https://www.askwoody.com/forums/topic/security-only-net-updates-may-2017/

Reply | Quote

http://www.catalog.update.microsoft.com/ScopedViewInline.aspx?updateid=3244af7a-f1c3-4b03-911b-100cd1adfb7c

 

So if I am correct-I gotta install this update for Windows 7 the security only .net one KB4019108?

 

Also why does it said last modified 5-26-17? Is it safe to download or not?

Reply | Quote

Please see your post here: https://www.askwoody.com/forums/topic/security-only-net-updates-may-2017/

It says it was modified 5-26-2017 because MS modified it 5-26-2017. It is safe to download.

Reply | Quote

Okay PK just needed clarification. I’m gonna do the downloads saturday night, scan Sunday night. Security only saturday, check for updates sunday.

 

Reply | Quote

I am running a 2009 HP Desktop with Windows 7 SP1 x64, also from 2009. It came with Net 3.5.1 and in February, 2017, I updated it to Net 4.6.2 and have been getting updates monthly for it. It hasn’t slowed my desktop down and supports the oldest windows 7 sp1 x64.

Reply | Quote

Not sure if I am echoing BrianL, I may have misunderstood. But I have wondered about the significance of this item for home, student, stand alone, or non-intensive use.

CAUTION: what is described is not advice to follow, it is the sorry history of one who did not know better at the time.

In the dark days of not knowing why my machine failed when it did, before I found Canadian Tech’s advice at MSAnswers, before his posts lead me here, among other questionable actions, I made a rash choice. Seeing multiple iterations of .NET framework lead me to fears of vulnerabilities exposed by outdated software. I uninstalled and cleaned up everything ‘less than’ 4.6.1, among many other changes made at the time. Since I was careless in my actions, I have no idea what actually ‘fixed’ my difficulties at the time. Soon, I began to be bothered by a persistent need to update .NET 3.5.1, which always failed. Frustrating because I thought I had gotten rid of it. Why are those idiots pushing something I do not need? Eventually learned this iteration is unique in that Win7 still has it listed as a Windows Feature, to be checked or deselected as you please. Once I removed the check in that menu, I was never offered the update again.

Enough history, I use this Win7,SP1,x64 machine as the last vestige of the Microsoft world to ease sharing of documents with others who have not moved on. It is not in a high stress environment, nor dependent on many things. It has never asked for .NET 3.5.1 to be re-installed, or refused something for lack of it. I have experienced problems that may be explained by that, but Win7 has never directed me to this as a flaw. Is this item needed for functions I do not use, or is it superfluous in all cases, not just mine?

In my mind is the comparison to Silverlight, an item I think even Microsoft has essentially abandoned, but still shows up anyway.

Reply | Quote

Cascadian wrote:

Silverlight, an item I think even Microsoft has essentially abandoned, but still shows up anyway

MS still support Silverlight, but now only on IE11, for another 4-odd years.

1 user thanked author for this post.

Cascadian

Reply | Quote

I apologize, Kristy. You are correct. I worded that poorly. Microsoft is indeed supporting software already installed, and suggesting it continuously to people who do not yet have it.

I meant that they do not seem to utilize, or require it even in their own presentations. And I’m not sure that it ever caught on anywhere else. It is essentially not necessary for the continued function most users require.

Which brings back the reason for mentioning it in the first place. Is .NET 3.5.1 a useful item? That without it, I or others would be unable to perform necessary functions? Or has other technology moved on without it, as HTML5 standards vaulted past the need for Silverlight?

Reply | Quote

Has anyone been able to isolate the component files from May NET Security only KB4019108 using PKCano’s method of clicking on the Title etc ?????….. it has worked for me in the past where I could then select from 4 files to get the one I need but for some reason is not working this month – eg I need kb4014594 for NET 3.5.1 but unable to isolate it as an individual file

Reply | Quote

Click the title link, then on the right in the box, click “more information to see which ones you need for your version of .NET
Then go back to the initial screen and click the “download” link to download the ones you need.
The patches were pulled for a while but re-released on the 26th.

2 users thanked author for this post.

HiFlyer, ozbadcat

Reply | Quote

Hi PkCano – THANK YOU – I must be losing the plot in our winter cold here in Australia – I did everything but go back and click the download link again to bring up the 4 options – DUH !!! – I have followed your directions more exactly this time and you have solved ANOTHER issue for me.

You are a most valuable contributor to Woody’s Lounge !!!!

Rick in Oz

1 user thanked author for this post.

PKCano

Reply | Quote

I’ve always wondered why Windows 8.1 and Windows 10 didn’t have .NET Framework 3.5 preinstalled.

Reply | Quote

I’m just seeing this thread for the first time. Took a little poking around to figure out what anyone was talking about.

First off, it seems that some users aren’t clear how to determine installed updates in windows 7.

If you click Windows Update to open the initial screen, there are two links that have to do with installed updates. On the left panel “View Update History” is in the top list of links.

This link will show you all updates installed, Date, and completion. This list DOES NOT show the individual updates, it will only display Whole (rollup) package numbers (e.g., KB4019112). Also note that even if you uninstall a package, that package will still show in the history.

To determine which packages from a roll-up are actually installed, click the link in the lower left of the panel “Installed Updates”. This lists all “individual packages”. Example, Rollup KB4019112 included these four – KB 4014504, KB 4014508, KB 4014511, KB 4014514.

You can use the search box to locate these packages. of those four, I have KB 4014504 & KB 4014511 installed.

I installed KB 4019112 on 5/20 and haven’t seen a problem. I did have one bootup that took 10 minutes, but I attributed it to the IE11 update. After that single long boot its been fine. Never know. Oddly, in previous months, my searches of MS catalog turned up zero “Security only” updates. That’s the reason I installed KB4019112 with WU. However, I am now seeing the security only updates April and May. Odd.

 

Reply | Quote

Rick R, I’ve been considering your post and have looked back over a few days in this thread. You may be picking up on something I do not see.

Most discussion has been between the ‘package’ available from Windows Update (Group A approach) as it differs from the individual items that must be retrieved from the Update Catalog (Group B) taking care to match your needs to the offerings available. There has been the added kicker that Microsoft adds, retires, moves, or otherwise messes with the offered list for their own reasons.

I’m not sure that I have seen anyone confusing the History which is corruptible, deletable, and all around untrustworthy, from the Installed list which is repopulated anew each time you request a display.

Edit to invite correction, if I have not interpreted correctly.

You are correct that this is an important distinction, but I have not seen the error here.

1 user thanked author for this post.

Rick R

Reply | Quote

That was my impression, as the thread regarding the problems with .NET updates confused me, I consider my self savvy enough, but bouncing between Whole packages and indivudal KBxxxxxx updates had my head spinning. That’s why I said poking around. It made more sense after I looked at the updates myself.

Regardless, if the info helps someone, then it was worth it, as there are clearly visitors to the site that need the guidance.

1 user thanked author for this post.

Cascadian

Reply | Quote

Very true, and often overlooked. Thank you for making the point, it is useful. Volume Z condensed it better than I did below.
https://www.askwoody.com/forums/topic/did-microsoft-pull-the-net-3-5-1-update-kb-4014504/#post-119300
Caution for future readers: all hard information has a limited shelf-life, June is a new month. Follow established procedures to avoid getting lost in old information.

Edit to add: Same learning curve here in this chair, first couple of times. It is because of Microsoft’s best effort at a nomenclature that has multidigit numbers that make a human’s eyes swim, coupled with synonymous names for diverse items. We all cope in our best ways.

Reply | Quote

Net 3.5.1 came pre-installed on my HP desktop windows 7 sp1 x64 home premium. I downloaded net 4.6.1 in late February this year and now I only pickup updates for 4.6.1,although the 3.5.1 is still listed within windows 7.

Reply | Quote

With what we have seen recently with legacy products being employed in malware recently, I would caution advice to take advantage of any security update available for whatever is installed.
I don’t think a user would necessarily be aware if something was using or accessing an older version of .net (or a newer one, for that matter).

Reply | Quote

I need help! SO I got windows 7 and I am very confused! SOmebody please help me! WHere do I download/install the .net update!? I don’t know what to do or what to install! I need a simplified explanation! DO i gotta download 4 parts of the security only or should i download/install in windows update?! I NEED HELP! Please! How do I download KB4019108? PLEASE I am desperate! HElp me!

Reply | Quote

Go to Windows Update. Check the .NET update (if it’s not already checked) listed in the “important updates” list and install it.

You will not see the composite update KB number (the KB that’s listed in WU before install)  in the update history, but only the individual update(s) for the version(s) that are installed on your computer. Windows Update will know which ones you need so you can stop worrying about it.

1 user thanked author for this post.

Kirsty

Reply | Quote

Thank you. I’ll install it on windows update then tomorrow night. Right now I am doing a chkdsk to combat an annoying problem-RElax, dealt with it in the past, only happens when I haven’t defrag for awhile should of done it to avoid this “ata” who dares to p*** me off (pardon my french). I knew i should of nipped it in the bud on the 29th, but nOW that it has appeared i can nip it tonight and be done with it.

Anyway thanks a bunch PK-I Was totally confused as to what to do. I’ll install it tomorrow night with any other update I  need.

Reply | Quote

Talking about KB4019108: This one will not be offered by Windows Update. The one offered by Windows Update will be KB4019112.

To apply KB4019108 (SECURITY ONLY), up to 4 individual files will have to be downloaded from the Catalog. Applicability of the .msu file is certain, while applicability of the .exe files depends on the optional .NET versions installed. After installation of files manually they will be listed in “Update History” as well as “Installed Updates” (which is not the same). KB4019108 will not show in any list.

To apply KB4019112 (SECURITY QUALITY) Windows Update can be used. After installation applicable files will be listed in “Installed Updates”, while KB4019112 will show in “Update History”.

The composite KB number never shows in “Installed Updates”, but the SECURITY QUALITY composite number has a chance of appearing in “Update History”.

Regards, VZ

2 users thanked author for this post.

HiFlyer, Cascadian

Reply | Quote

From next month, .NET 4.6/4.6.1 and 4.6.2 will have one update instead two

this actually started with May 2015 Preview Rollup

1 user thanked author for this post.

HiFlyer

Reply | Quote