What’s happening with Win7 .NET updates?

Topic

New Reply

Just got this from reader OC: Today I received from MS new updates for my Win 7 Pro, x64, SP1 (to be installed when I decide to), for .NET 4.6.4, 4.61
[See the full post at: What’s happening with Win7 .NET updates?]

1 user thanked author for this post.

JDeC

Reply | Quote

Replies

Anything for Windows 8.1?

Reply | Quote

anonymous wrote:

Anything for Windows 8.1?

If it’s at all helpful, this is what I saw offered a week ago…

https://askwoody.com/forums/topic/patch-tuesday-patches-are-out-2/#post-136883

-Noel

Reply | Quote

Ah, I saw that update. Thanks.

Reply | Quote

All I had this month for .Net Framework on my Windows 7 SP1 machines was the optional and unchecked KB4043766 plus the optional and unchecked preview KB4042076. I’ve hidden both of them as I don’t install optional and/or unchecked updates.

Reply | Quote

@OC: 73, 77, and 80 are September Rollups (i.e., security and quality). Together they comprise KB4041083. I don’t believe you were taken to what you call “86” because there is no KB 4040986 (google it and see). I’m guessing you were taken to 4041083. If you scroll through that page I think you’ll see references to the 73,77, and 80 updates. Also if you go to the Update Catalog either from the aforementioned page or directly and enter KB4041083, and then put it in your basket and try to download, I think you’ll suddenly see 3 or 4 links some of which will be for 73, 77, and 80 (one link for each)

At least that’s what happened for me when I installed .NET updates a couple weeks ago from the Update Catalog.

Hope this helps.

1 user thanked author for this post.

woody

Reply | Quote

Those separate patches are for different versions of .NET. In the Catalog, if you click on the title of the Rollup (instead of the “download” button), then click on “More information” in the box that pops up, it will take you to a page that tells you which patch goes with which version.

1 user thanked author for this post.

walker

Reply | Quote

Personally only interested henceforth in Security Only updates for 4.6.1 and anything earlier this Win7 Pro will allow me to install. No interest in 4.7 as no local program requires it and my Zbook workstation is stable, touch wood! YMMV…

Reply | Quote

Too much overthinking

currently there are 3 .NET Rollups that would be offered in WU

2017-09 Security and Quality Rollup (KB4041083) – Important
2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended
2017-10 Preview of Quality Rollup (KB4042076) – Optional

.NET 3.5.1 Security Rollup KB4040980 is the same included in all three
.NET 4.5.2 Security Rollup KB4040977  is the same included in all three

only  .NET 4.7 update differs
KB4041083 -> KB4040973
KB4043766 -> KB4043764
KB4042076 -> KB4041778

4 users thanked author for this post.

woody, SueW, walker, PKCano

Reply | Quote

currently there are 3 .NET Rollups that would be offered in WU

2017-09 Security and Quality Rollup (KB4041083) – Important
2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended
2017-10 Preview of Quality Rollup (KB4042076) – Optional – abbodi86

Yes, I’m seeing the later two as unchecked optional updates in Windows Update.

I don’t see the first one as I installed in on 9/29/2017.

Reply | Quote

@abbodi86: Thank you for the above information.   There have been so many updates, it can easily get very confusing for the “novice users”.  

Reply | Quote

About this:

2017-09 Security and Quality Rollup (KB4041083) – Important
2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended

And this:

.NET 4.5.2 Security Rollup KB4040977  is the same included in all three

… not true. 4040977 inside 4043766 has changed (I compared them). WUA does not force to install it, its just some non binary problem (some installer language confusion, not affecting installed binaries).

Reply | Quote

lol.

WOULDN’T IT BE BETTER IF IT WAS ALL MANAGED COMPLETELY FOR YOU WITHOUT YOU HAVING TO DO ANYTHING?
AREN’T ROLLUPS GREAT!
MICROSOFT KNOWS BEST!

Reply | Quote

Don’t know if related, but on Win 8.1 this morning when I powered up and logged in, a .NET Runtime Optimization task started and pegged the Task Manager Hard Disk utilization at 100% for about 5 minutes.

I had not updated anything since Oct 9, so no clue why this suddenly kicked in.

Reply | Quote

Earlier today, I did exactly what PK Cano advises, and ended up, after being redirected to migrate from page to page in the MS Web site, at a place where each of the three patches were all said to be for .NET 4.7. So: all roads led to 4.7, although  the three .NET patches were described in the initial “More Information” MS site  as being for different versions of .NET,  just as explained in the OC posting. Except they are not, or are they?

The mystery thickens…

And I do not want to install 4.7…

Reply | Quote

If you don’t want 4.7, you must install 4.5.2 at top

4.6 and later are already merged with 4.7

2 users thanked author for this post.

Elly, walker

Reply | Quote

Great! I just googled “kb4040980” and following the link to MS took me to the MS Web page where this is described as:

“Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4040980)”, and when I clicked the link to the Catalogue, it landed me in a page from where I could download one of three flavours, one for a different type of OS, of the “**Preliminary** Quality and Total Wonderfulness Rollout” (stars are mine), well, maybe with a few less words in the name, for several .NET versions including 4.7!

Reply | Quote

Final update on the ongoing “.NET update and I” story:

I decided to hide the update!

Now my plan is as follows:

If black hats take advantage of some bug in the unpatched .NET and kidnap my computer, or am I otherwise seriously inconvenienced, I shall:

(a) Reformat the disk, and install some LINUX distro (probably Debian) in my PC. While I am still adapting the new OS to my needs and tastes, I shall continue doing my work with my Mac.

(b) If (a) proves impracticable, then I shall remove the hard disk and take the rest of the machine to some place where they take care that it is responsibly and ecologically disposed of. And shall continue doing my work and the rest of it on my Mac.

Because life is too short.

1 user thanked author for this post.

Cybertooth

Reply | Quote

So, what do you all recommend, in terms of .NET updates, which I should install and which do not create major issues? I am on Group B, and I have stuck with .NET 4.5X on all of my Win7 computers.

Reply | Quote

This is all so confusing and my brain’s RAM is overloaded with KB numbers and similar-sounding .NET patch names. WU is offering my Windows 7 PC the following:

• 2017-09 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4041083)
• 2017-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4043766)

Just the facts, ma’am: Can someone tell me — without a lot of explanation or mumbo-jumbo, please — what the current recommendation for patching is with respect to the above two .NET updates?

I’ve been Group B, but I’m ready to throw my hands up and join Group W. Although honestly, Group L (for Linux) is fast approaching.

 

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

1 user thanked author for this post.

Reply | Quote

Fellow Group B member here. I could be wrong, but I believe the current advice with both KB4041083 and KB4043766 is to wait until we are at MS-DEFCON 3 or higher and then apply them.

For now, I think it is safe to leave them as unchecked in Windows Update, since we would be installing them at the next safe patching opportunity. The safest thing would probably be to hide them for now, then unhide them when it is time to patch.

1 user thanked author for this post.

Cybertooth

Reply | Quote

To follow up, KB4041083 was the .NET Rollup that caused issues last month, with MS recommending to uninstall it and instead install the Security-only update. Now that same MS article is recommending the KB4043766 Rollup to fix rendering issues from KB4041083. As the Rollups are cumulative, there is no point in installing KB4041083 when we get to MS-DEFCON 3+ if you are going to be installing KB4043766, so you should hide KB4041083.

Reply | Quote

Separate question: are .NET rollups cumulative?

I.e., would installing the October rollup KB4043766 make the September rollup KB4041083 unneeded?

Or are they like Group B Security-only patches, which are not cumulative? Thanks

Edit: Answer found. .NET “Security and Quality” rollups are cumulative, while .NET Security-only updates are not. I think this mirrors the same behavior as the normal Windows rollups/Security-only updates.

Reply | Quote

Am using an antique version of Windows 7 SP1 x64 (Oct 2009).  I installed Net 4.7 on June 14th this year.  Have been getting update to that Net and also combined updates to3 other net versions since then.  They are installed and I have not encountered any noticeable problems.

4 users thanked author for this post.

JDeC, SueW, Elly, The Surfing Pensioner

Reply | Quote

Cybertooth:

In my own experience (at least yesterday) no matter what “kb” you choose to install, that is not what you will find when you finally reach the MS Catalog “Download” page clicking on all the correct links along the way. What you’ll find there, surprise, surprise, will be updates with different kb numbers and contents from the ones you were after. And all include .NET 4.7, the one reported as causing problems, along with whatever else they are supposed to be for.

MS seems to be playing some kind of silly game with the .NET update names it is offering.

The destination you finally reach is not the one you saw written on the road signs along the way.

The Security Only update for my Windows 7 x64, SP1 and the IE11 Cumulative update, on the other hand, were not affected by this problem when I installed those some days ago: the files I found and downloaded corresponded in both number and name to the ones I was after, and have had no problems with them, so far… at least that I have noticed.

2 users thanked author for this post.

JDeC, Cybertooth

Reply | Quote

Thank you, in that case I’ll stick to the updates that are billed only as “security.”

Keep Running Windows 7 Safely for Years to Come  
Make Windows 10 look and work like Windows 7

Reply | Quote

I may have lost track, or not paid attention, or maybe this is Woody’s original point in this topic: Is there anything currently wrong with .NET4.7 in the Win7 setting?

1\ earlier this summer .NET4.7, developed for ‘better’ systems was backported to Win7
2\ Microsoft failed to document the perquisite D3D compiler
3\ 1+2 creates problems
4\ D3D included in September SMQR (?), and October etc. cummulative

QUESTION- does that mean we have reached

5\ no more problems, .NET4.7 is now the preferred less vulnerable package with latest protections
OR
5b\ Win7 lacks the inherent ability, and .NET4.7 ‘is not the droid you are looking for’

Reply | Quote

anonymous #139987 wrote:
Is there anything currently wrong with .NET4.7 in the Win7 setting?

I’m equally curious about this mysterious .NET v4.7 “issue”. I keep seeing repeated remarks at AskWoody that .NET v4.7 causes problems in Win 7, but w/o any elaboration of what the problems might be.

I searched through the AskWoody domain, as well as undertook an internet search about the said .NET 4.7 problems, but so far have not found anything of note — other than .NET 4.7 installation being previously blocked on Win 7 due to a missing D3DCompiler_47.dll (which Win 7 users have to install first, ref: KB 4019990).

In fact, before I saw the multiple AskWoody’s remarks about the so-called .NET v4.7 problems, I already installed .NET v4.7 in July 2017 on Win 7 x64 SP1 (2011 version). D3DCompiler_47.dll was already explicitly listed as a pre-requisite on .NET v4.7’s installer page back then, so I didn’t run into any install-block.

To date, I have not encountered anything unusual in my Win OS or .NET-dependent apps. And it seems likewise for user BrianL (reply #139851) on his Win 7 x64 SP1 (2009 version).

Perhaps the .NET v4.7 problems pertain to Win 7 RTM ? Or might the whole situation have arisen from some misunderstanding somewhere, & is actually a non-issue afterall  ?

2 users thanked author for this post.

woody, abbodi86

Reply | Quote

Am I understanding this correctly: the monthly .NET Security and Quality Rollups, starting with KB4041083, install .NET 4.7 even if the user only has 4.6.2 or lower currently installed?

If so, then this is not the behavior of the Security-only patches, which too have have started including .NET 4.7 in the titles. I have KB4040957, “Security Only update for the .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 for Windows 7 SP1”, installed, yet the registry and Raymondcc .NET Detector tell me that I do not have .NET 4.7 installed.

Reply | Quote

It was actually started with KB4032113 (July 2017 Preview), but yes, KB4041083 is the first Security Rollup to have the merged 4.6-4.7 update

It doesn’t install 4.7 or change your 4.6.x version totally
but the updated binaries and fixes you get are based on 4.7
so you will have sort of a frankenstein .NET

It’s the same behavior
but Security-only patches just update small part of .NET binaries, then the impact will not be big

2 users thanked author for this post.

walker

Reply | Quote

So the pro advice is to either stay with Secuirty-only patches for now if you are currently on 4.6.x to avoid franken-.NET, or upgrade to 4.7.x and keep with the Security and Quality Rollups?

Reply | Quote

Well, my advise is to either install 4.5.2 or 4.7
4.6.x branch is basically halted

2 users thanked author for this post.

walker

Reply | Quote

@abbodi86:  Thank you for the advice!    It is a great help!     

Reply | Quote

I was developing a project with Visual Studio 2015, which requires at least 4.6.x. Hopefully it will still work with 4.7.x installed.

Reply | Quote

I tested this on Windows 7 x64. It is true that updated binaries for 4.6.1 and 4.7 are now the same. However, the logic inside those updated binaries could still have differential behavior for 4.6.1 vs 4.7. Example: the code for those updated binaries could have logic like this:

If installed version of 4.x = 4.6.1 then do 4.6.1-specific actions
else if installed version of 4.x = 4.7 then do 4.7-specific actions

 

1 user thanked author for this post.

walker

Reply | Quote

Mr.Brian:   With your amazing knowledge you understand completely about these issues.   As usual, I know nothing, and appreciate the very complex information about this subject.  Thank you very much for this advice.     

Reply | Quote

An example from the source code for .NET Framework 4.7.1 (my bolding):

“if (timeoutInMillsec.HasValue) {
timeout = timeoutInMillsec.Value;
} else {
if (!IsRegexTimeoutSetInAppDomain && BinaryCompatibility.Current.TargetsAtLeastFramework461) {
timeout = 2000;
}
}”

Reply | Quote

Microsoft documents application compatibility changes from one version of .NET Framework to another. For example, these two links have changes from 4.6.2 to 4.7: https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/runtime/4.6.2-4.7 and https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/retargeting/4.6.2-4.7. If anyone has evidence that any of these documented changes from 4.6.2 to 4.7 no longer exist, please share it.

2 users thanked author for this post.

abbodi86, walker

Reply | Quote

Vols and Jezuz wrote:
I was developing a project with Visual Studio 2015, which requires at least 4.6.x. Hopefully it will still work with 4.7.x installed.

As far as I know, .NET Framework v4.7.x is an in-place update to .NET v4.6.x, 4.5.x & 4.0 Full & Client. This is also stated at Microsoft’s page for .NET v4.7.1:

“Microsoft .NET Framework 4.7.1 is a highly compatible in-place update to the Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7.”

Back in July 2017, I installed .NET v4.7 on on a new Win 7 x64 SP2 install (which comes only with .NET v3.5.1). And all my .NET v4.0, 4.5.x & 4.6.x dependent apps are working as expected so far. No problems observed in Windows either.

2 users thanked author for this post.

AJNorth

Reply | Quote

Could anyone please explain exactly how to install .Net 4.5.2 in simple terms for Win7?  I asked earlier on a different post and no one offered a how-to.  Also do I have to uninstall .Net 4.6 (or 4.7 ish automatically updated from KB4041083)? Thx

Reply | Quote

It’s offered as optional update in WU

you can have the installer from MU catalog:
https://www.catalog.update.microsoft.com/Search.aspx?q=.NET+Framework+4.5.2+Feature

yes, you need to uninstall any 4.6 ish version
control panel – Programs and Features – Uninstall a program

Reply | Quote

To abbodi86

Thank you for the install/uninstall information. It appears there is one installer for just Win7 and one for Win7 x64 based systems – mine is x64 , so I guess that is the appropriate one.

I also notice the language packs & separate upgrade for language packs for Win7 – would I need those also?

Reply | Quote

The installer is the same for both x64 and x86

likewise LangPack installer, which you only need if your OS language is supported (23 langs besides english)

Reply | Quote

What I found annoying is that the 2017-10 Security and Quality Rollup for .NET updates did not have a security tag; as far as I know that’s the first time these did not have one.
(oktober did not see a security only .NET; someone mention that already I think)

side note:
sometimes you have those weird situations: ConfigMgr client (W7) scans for updates and reports missing KB 2813347. It had the scan info from WSUS, in which had it listed as superseded by 3075220. The 3075220 entry in W7 was removed after installation of 2017-10 monthly update. 3075220 does not show as superseded in ConfigMgr and not in WSUS. 2813347 was long ago cleaned up ConfigMgr, so the W7 client does not get it.
Which left me with… checking both updates for discrepancies; found none (scan bug?). An older W7 which had 2813347 installed back in 2014 had it still listed as installed after 2017-10 monthly and did not need it. Even more: 3075220 did not want to install manually (not applicable); the 2813347 did want to install manually, but gave an error. But 2813347 did install after a reboot, after which it reported fully patched.
So I made an application of 2813347 for those missing this update and left me wondering what else I might be missing from before 2014, lol.

Reply | Quote

There are some occasions in which Update A is metadata-superseded by Update B, but yet after the installation of Update B, Update A is still considered applicable because it isn’t component-superseded by what’s installed on the computer. See this topic for the different types of supersedence.

2 users thanked author for this post.

walker, Rydan

Reply | Quote

Thanks MrBrian, I had not seen your/that topic yet.
The thing I found annoying was that the W7 system I installed in August, patched and again patched in September, reported fully patched each time and ‘suddenly’ missed an old superseded update from 2013 when patched with the 2017-10 Security Monthy Quality Update.

Reply | Quote

That’s because “2017-10 Security and Quality Rollup” do not contain any new security fixes
.NET 3.5 and 4.5.2 security updates are still the same as in “2017-09 Security and Quality Rollup”
only .NET 4.7 got new non-security update

and because Microsoft obligated themselves to gather all .NET updates into one rollup, they had to release 2017-10 Rollup

also per Microsoft rules, Optional update cannot supersede security update at metadata level
that’s why we have 3 active .NET Rollups

1 user thanked author for this post.

Elly

Reply | Quote

so, based on this, there is no Security Only patches for other .Net versions.  i searched the catalog for 4.6.1 and the last security only update was for September.  so other than those listed in your post, all the other versions are “secure”

Reply | Quote

p.s.  how do we tell which .msu is for which Win 7 version?  there are 2 .exe and e .msu files listed when you click download from the catalogue listing

Reply | Quote

KB4019990 msu is normal update, doesn’t change between rollups
the other msu is always for .net 3.5

the exe files names are clear enough, ndp45 for .net 4.5.2, ndp46 is for .net 4.6 and later

Reply | Quote

hmmmm…. I downloaded KB4019990, but it says it is not applicable to my computer when I try to install.  I only have .NET 4.6.1 listed in the installed programs list.  But this Sep 2017 update for 4.6.1 is NOT listed in the update history.

Reply | Quote

KB4019990 is only necessary for .NET 4.7

Reply | Quote

p.s…. the last .NET update i applied was in May 2017, and it was  “security and quality” update for all .NET… could that have some impact on applicability of this newer security patch?  e.g., did it make my .NET 4.6.1 into the “hybrid-frankenstien” 4.6-4.7?

Reply | Quote

If not noticed yet (and as reported about 4.7 binaries used for all 4.6.x updates)  the KB 4019990 is now a requirement. For example, see article https://support.microsoft.com/en-us/help/4043766 under Summary

Reply | Quote

This .Net issue is way too complicated. I’m just going to hold off patching .net until the controversy ceases or I get error messages saying I need a later version.

Reply | Quote

From Lifecycle FAQ—.NET Framework: “We recommend customers upgrade to .NET Framework 4.7.1 to receive the highest level of performance, reliability, and security.”

I will probably wait a few months after .NET Framework 4.7.1 becomes available on Windows Update to install it.

1 user thanked author for this post.

walker

Reply | Quote

From Introduction to .NET Framework Compatibility (my bolding):

“Beginning with the .NET Framework 4.0, all versions of the .NET Framework with a major version number of 4 (called ‘4.x’ versions) install as in-place updates. This means that only one 4.x .NET Framework is installed on a computer at a time. Installing the .NET Framework 4.5 will replace version 4.0, the .NET Framework 4.5.1 will replace version 4.5, the .NET Framework 4.6 will replace version 4.5.1, and so on.

[…]

Compatibility with previous versions of the .NET Framework is a high priority for the .NET team. In fact, all changes in the .NET Framework are reviewed by experienced engineers who assess the impact of the changes on customer apps.

[…]

As an example, if an app targets the .NET Framework 4.5 but runs on a computer with the .NET Framework 4.5.2 installed, even though the app executes on the newer Framework, it will mimic some behaviors from 4.5 in order to minimize compatibility issues.”

1 user thanked author for this post.

walker

Reply | Quote

In addition to .NET Framework 4.7, .NET Framework 4.6.x also received non-security updates in the October 2017 .NET Framework monthly rollup, at least for Windows 7.

1 user thanked author for this post.

walker

Reply | Quote