News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • What’s happening with Win7 .NET updates?

    Home Forums AskWoody blog What’s happening with Win7 .NET updates?

    Viewing 24 reply threads
    • Author
      Posts
      • #139646 Reply
        woody
        Da Boss

        Just got this from reader OC: Today I received from MS new updates for my Win 7 Pro, x64, SP1 (to be installed when I decide to), for .NET 4.6.4, 4.61
        [See the full post at: What’s happening with Win7 .NET updates?]

        1 user thanked author for this post.
      • #139654 Reply
        anonymous
        Guest

        Anything for Windows 8.1?

      • #139671 Reply
        Seff
        AskWoody Plus

        All I had this month for .Net Framework on my Windows 7 SP1 machines was the optional and unchecked KB4043766 plus the optional and unchecked preview KB4042076. I’ve hidden both of them as I don’t install optional and/or unchecked updates.

      • #139679 Reply
        DrBonzo
        AskWoody Plus

        @OC: 73, 77, and 80 are September Rollups (i.e., security and quality). Together they comprise KB4041083. I don’t believe you were taken to what you call “86” because there is no KB 4040986 (google it and see). I’m guessing you were taken to 4041083. If you scroll through that page I think you’ll see references to the 73,77, and 80 updates. Also if you go to the Update Catalog either from the aforementioned page or directly and enter KB4041083, and then put it in your basket and try to download, I think you’ll suddenly see 3 or 4 links some of which will be for 73, 77, and 80 (one link for each)

        At least that’s what happened for me when I installed .NET updates a couple weeks ago from the Update Catalog.

        Hope this helps.

        1 user thanked author for this post.
        • #139687 Reply
          PKCano
          Da Boss

          Those separate patches are for different versions of .NET. In the Catalog, if you click on the title of the Rollup (instead of the “download” button), then click on “More information” in the box that pops up, it will take you to a page that tells you which patch goes with which version.

          1 user thanked author for this post.
      • #139685 Reply
        anonymous
        Guest

        Personally only interested henceforth in Security Only updates for 4.6.1 and anything earlier this Win7 Pro will allow me to install. No interest in 4.7 as no local program requires it and my Zbook workstation is stable, touch wood! YMMV…

      • #139696 Reply
        abbodi86
        AskWoody_MVP

        Too much overthinking 🙂

        currently there are 3 .NET Rollups that would be offered in WU

        2017-09 Security and Quality Rollup (KB4041083) – Important
        2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended
        2017-10 Preview of Quality Rollup (KB4042076) – Optional

        .NET 3.5.1 Security Rollup KB4040980 is the same included in all three
        .NET 4.5.2 Security Rollup KB4040977  is the same included in all three

        only  .NET 4.7 update differs
        KB4041083 -> KB4040973
        KB4043766 -> KB4043764
        KB4042076 -> KB4041778

        4 users thanked author for this post.
        • #139753 Reply
          alpha128
          AskWoody Plus

          currently there are 3 .NET Rollups that would be offered in WU

          2017-09 Security and Quality Rollup (KB4041083) – Important
          2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended
          2017-10 Preview of Quality Rollup (KB4042076) – Optional – abbodi86

          Yes, I’m seeing the later two as unchecked optional updates in Windows Update.

          I don’t see the first one as I installed in on 9/29/2017.

        • #139871 Reply
          walker
          AskWoody Lounger

          @abbodi86: Thank you for the above information.   There have been so many updates, it can easily get very confusing for the “novice users”.   🙂

        • #141502 Reply
          anonymous
          Guest

          About this:

          2017-09 Security and Quality Rollup (KB4041083) – Important
          2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended

          And this:

          .NET 4.5.2 Security Rollup KB4040977  is the same included in all three

          … not true. 4040977 inside 4043766 has changed (I compared them). WUA does not force to install it, its just some non binary problem (some installer language confusion, not affecting installed binaries).

      • #139721 Reply
        BobT
        AskWoody Lounger

        lol.

        WOULDN’T IT BE BETTER IF IT WAS ALL MANAGED COMPLETELY FOR YOU WITHOUT YOU HAVING TO DO ANYTHING?
        AREN’T ROLLUPS GREAT!
        MICROSOFT KNOWS BEST!

      • #139723 Reply
        anonymous
        Guest

        Don’t know if related, but on Win 8.1 this morning when I powered up and logged in, a .NET Runtime Optimization task started and pegged the Task Manager Hard Disk utilization at 100% for about 5 minutes.

        I had not updated anything since Oct 9, so no clue why this suddenly kicked in.

      • #139729 Reply
        anonymous
        Guest

        Earlier today, I did exactly what PK Cano advises, and ended up, after being redirected to migrate from page to page in the MS Web site, at a place where each of the three patches were all said to be for .NET 4.7. So: all roads led to 4.7, although  the three .NET patches were described in the initial “More Information” MS site  as being for different versions of .NET,  just as explained in the OC posting. Except they are not, or are they?

        The mystery thickens…

        And I do not want to install 4.7…

        • #139840 Reply
          abbodi86
          AskWoody_MVP

          If you don’t want 4.7, you must install 4.5.2 at top

          4.6 and later are already merged with 4.7

          2 users thanked author for this post.
      • #139748 Reply
        anonymous
        Guest

        Great! I just googled “kb4040980” and following the link to MS took me to the MS Web page where this is described as:

        “Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4040980)”, and when I clicked the link to the Catalogue, it landed me in a page from where I could download one of three flavours, one for a different type of OS, of the “**Preliminary** Quality and Total Wonderfulness Rollout” (stars are mine), well, maybe with a few less words in the name, for several .NET versions including 4.7!

      • #139773 Reply
        anonymous
        Guest

        Final update on the ongoing “.NET update and I” story:

        I decided to hide the update!

        Now my plan is as follows:

        If black hats take advantage of some bug in the unpatched .NET and kidnap my computer, or am I otherwise seriously inconvenienced, I shall:

        (a) Reformat the disk, and install some LINUX distro (probably Debian) in my PC. While I am still adapting the new OS to my needs and tastes, I shall continue doing my work with my Mac.

        (b) If (a) proves impracticable, then I shall remove the hard disk and take the rest of the machine to some place where they take care that it is responsibly and ecologically disposed of. And shall continue doing my work and the rest of it on my Mac.

        Because life is too short.

        1 user thanked author for this post.
      • #139777 Reply
        GoneToPlaid
        AskWoody Plus

        So, what do you all recommend, in terms of .NET updates, which I should install and which do not create major issues? I am on Group B, and I have stuck with .NET 4.5X on all of my Win7 computers.

      • #139781 Reply
        Cybertooth
        AskWoody Plus

        This is all so confusing and my brain’s RAM is overloaded with KB numbers and similar-sounding .NET patch names. WU is offering my Windows 7 PC the following:

        • 2017-09 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4041083)
        • 2017-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4043766)

        Just the facts, ma’am: Can someone tell me — without a lot of explanation or mumbo-jumbo, please — what the current recommendation for patching is with respect to the above two .NET updates?

        I’ve been Group B, but I’m ready to throw my hands up and join Group W. Although honestly, Group L (for Linux) is fast approaching.

         

        1 user thanked author for this post.
        • #139805 Reply
          Vols and Jezuz
          AskWoody Lounger

          Fellow Group B member here. I could be wrong, but I believe the current advice with both KB4041083 and KB4043766 is to wait until we are at MS-DEFCON 3 or higher and then apply them.

          For now, I think it is safe to leave them as unchecked in Windows Update, since we would be installing them at the next safe patching opportunity. The safest thing would probably be to hide them for now, then unhide them when it is time to patch.

          1 user thanked author for this post.
        • #140040 Reply
          Vols and Jezuz
          AskWoody Lounger

          To follow up, KB4041083 was the .NET Rollup that caused issues last month, with MS recommending to uninstall it and instead install the Security-only update. Now that same MS article is recommending the KB4043766 Rollup to fix rendering issues from KB4041083. As the Rollups are cumulative, there is no point in installing KB4041083 when we get to MS-DEFCON 3+ if you are going to be installing KB4043766, so you should hide KB4041083.

      • #139816 Reply
        Vols and Jezuz
        AskWoody Lounger

        Separate question: are .NET rollups cumulative?

        I.e., would installing the October rollup KB4043766 make the September rollup KB4041083 unneeded?

        Or are they like Group B Security-only patches, which are not cumulative? Thanks

        Edit: Answer found. .NET “Security and Quality” rollups are cumulative, while .NET Security-only updates are not. I think this mirrors the same behavior as the normal Windows rollups/Security-only updates.

      • #139851 Reply
        BrianL
        AskWoody Lounger

        Am using an antique version of Windows 7 SP1 x64 (Oct 2009).  I installed Net 4.7 on June 14th this year.  Have been getting update to that Net and also combined updates to3 other net versions since then.  They are installed and I have not encountered any noticeable problems.

        4 users thanked author for this post.
      • #139899 Reply
        anonymous
        Guest

        Cybertooth:

        In my own experience (at least yesterday) no matter what “kb” you choose to install, that is not what you will find when you finally reach the MS Catalog “Download” page clicking on all the correct links along the way. What you’ll find there, surprise, surprise, will be updates with different kb numbers and contents from the ones you were after. And all include .NET 4.7, the one reported as causing problems, along with whatever else they are supposed to be for.

        MS seems to be playing some kind of silly game with the .NET update names it is offering.

        The destination you finally reach is not the one you saw written on the road signs along the way.

        The Security Only update for my Windows 7 x64, SP1 and the IE11 Cumulative update, on the other hand, were not affected by this problem when I installed those some days ago: the files I found and downloaded corresponded in both number and name to the ones I was after, and have had no problems with them, so far… at least that I have noticed.

        2 users thanked author for this post.
      • #139987 Reply
        anonymous
        Guest

        I may have lost track, or not paid attention, or maybe this is Woody’s original point in this topic: Is there anything currently wrong with .NET4.7 in the Win7 setting?

        1\ earlier this summer .NET4.7, developed for ‘better’ systems was backported to Win7
        2\ Microsoft failed to document the perquisite D3D compiler
        3\ 1+2 creates problems
        4\ D3D included in September SMQR (?), and October etc. cummulative

        QUESTION- does that mean we have reached

        5\ no more problems, .NET4.7 is now the preferred less vulnerable package with latest protections
        OR
        5b\ Win7 lacks the inherent ability, and .NET4.7 ‘is not the droid you are looking for’

        • #140320 Reply
          anonymous
          Guest

          anonymous #139987 wrote:
          Is there anything currently wrong with .NET4.7 in the Win7 setting?

          I’m equally curious about this mysterious .NET v4.7 “issue”. I keep seeing repeated remarks at AskWoody that .NET v4.7 causes problems in Win 7, but w/o any elaboration of what the problems might be.

          I searched through the AskWoody domain, as well as undertook an internet search about the said .NET 4.7 problems, but so far have not found anything of note — other than .NET 4.7 installation being previously blocked on Win 7 due to a missing D3DCompiler_47.dll (which Win 7 users have to install first, ref: KB 4019990).

          In fact, before I saw the multiple AskWoody’s remarks about the so-called .NET v4.7 problems, I already installed .NET v4.7 in July 2017 on Win 7 x64 SP1 (2011 version). D3DCompiler_47.dll was already explicitly listed as a pre-requisite on .NET v4.7’s installer page back then, so I didn’t run into any install-block.

          To date, I have not encountered anything unusual in my Win OS or .NET-dependent apps. And it seems likewise for user BrianL (reply #139851) on his Win 7 x64 SP1 (2009 version).

          Perhaps the .NET v4.7 problems pertain to Win 7 RTM ? Or might the whole situation have arisen from some misunderstanding somewhere, & is actually a non-issue afterall  ?

          2 users thanked author for this post.
      • #140041 Reply
        Vols and Jezuz
        AskWoody Lounger

        Am I understanding this correctly: the monthly .NET Security and Quality Rollups, starting with KB4041083, install .NET 4.7 even if the user only has 4.6.2 or lower currently installed?

        If so, then this is not the behavior of the Security-only patches, which too have have started including .NET 4.7 in the titles. I have KB4040957, “Security Only update for the .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 for Windows 7 SP1”, installed, yet the registry and Raymondcc .NET Detector tell me that I do not have .NET 4.7 installed.

        • #140052 Reply
          abbodi86
          AskWoody_MVP

          It was actually started with KB4032113 (July 2017 Preview), but yes, KB4041083 is the first Security Rollup to have the merged 4.6-4.7 update

          It doesn’t install 4.7 or change your 4.6.x version totally
          but the updated binaries and fixes you get are based on 4.7
          so you will have sort of a frankenstein .NET 😀

          It’s the same behavior
          but Security-only patches just update small part of .NET binaries, then the impact will not be big

          2 users thanked author for this post.
          • #140054 Reply
            Vols and Jezuz
            AskWoody Lounger

            So the pro advice is to either stay with Secuirty-only patches for now if you are currently on 4.6.x to avoid franken-.NET, or upgrade to 4.7.x and keep with the Security and Quality Rollups?

            • #140092 Reply
              abbodi86
              AskWoody_MVP

              Well, my advise is to either install 4.5.2 or 4.7
              4.6.x branch is basically halted

              2 users thanked author for this post.
              • #140180 Reply
                walker
                AskWoody Lounger

                @abbodi86:  Thank you for the advice!    It is a great help!    🙂  🙂

              • #140265 Reply
                Vols and Jezuz
                AskWoody Lounger

                I was developing a project with Visual Studio 2015, which requires at least 4.6.x. Hopefully it will still work with 4.7.x installed.

        • #140144 Reply
          MrBrian
          AskWoody_MVP

          I tested this on Windows 7 x64. It is true that updated binaries for 4.6.1 and 4.7 are now the same. However, the logic inside those updated binaries could still have differential behavior for 4.6.1 vs 4.7. Example: the code for those updated binaries could have logic like this:

          If installed version of 4.x = 4.6.1 then do 4.6.1-specific actions
          else if installed version of 4.x = 4.7 then do 4.7-specific actions

           

          1 user thanked author for this post.
          • #140181 Reply
            walker
            AskWoody Lounger

            Mr.Brian:   With your amazing knowledge you understand completely about these issues.   As usual, I know nothing, and appreciate the very complex information about this subject.  Thank you very much for this advice.    🙂  🙂

          • #143060 Reply
            MrBrian
            AskWoody_MVP

            An example from the source code for .NET Framework 4.7.1 (my bolding):

            “if (timeoutInMillsec.HasValue) {
            timeout = timeoutInMillsec.Value;
            } else {
            if (!IsRegexTimeoutSetInAppDomain && BinaryCompatibility.Current.TargetsAtLeastFramework461) {
            timeout = 2000;
            }
            }”

        • #140146 Reply
          MrBrian
          AskWoody_MVP

          Microsoft documents application compatibility changes from one version of .NET Framework to another. For example, these two links have changes from 4.6.2 to 4.7: https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/runtime/4.6.2-4.7 and https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/retargeting/4.6.2-4.7. If anyone has evidence that any of these documented changes from 4.6.2 to 4.7 no longer exist, please share it.

          2 users thanked author for this post.
      • #140314 Reply
        anonymous
        Guest

        Vols and Jezuz wrote:
        I was developing a project with Visual Studio 2015, which requires at least 4.6.x. Hopefully it will still work with 4.7.x installed.

        As far as I know, .NET Framework v4.7.x is an in-place update to .NET v4.6.x, 4.5.x & 4.0 Full & Client. This is also stated at Microsoft’s page for .NET v4.7.1:

        “Microsoft .NET Framework 4.7.1 is a highly compatible in-place update to the Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7.”

        Back in July 2017, I installed .NET v4.7 on on a new Win 7 x64 SP2 install (which comes only with .NET v3.5.1). And all my .NET v4.0, 4.5.x & 4.6.x dependent apps are working as expected so far. No problems observed in Windows either.

        2 users thanked author for this post.
      • #140611 Reply
        anonymous
        Guest

        Could anyone please explain exactly how to install .Net 4.5.2 in simple terms for Win7?  I asked earlier on a different post and no one offered a how-to.  Also do I have to uninstall .Net 4.6 (or 4.7 ish automatically updated from KB4041083)? Thx

        • #140645 Reply
          abbodi86
          AskWoody_MVP

          It’s offered as optional update in WU

          you can have the installer from MU catalog:
          https://www.catalog.update.microsoft.com/Search.aspx?q=.NET+Framework+4.5.2+Feature

          yes, you need to uninstall any 4.6 ish version
          control panel – Programs and Features – Uninstall a program

          • #140690 Reply
            anonymous
            Guest

            To abbodi86

            Thank you for the install/uninstall information. It appears there is one installer for just Win7 and one for Win7 x64 based systems – mine is x64 , so I guess that is the appropriate one.

            I also notice the language packs & separate upgrade for language packs for Win7 – would I need those also?

            • #140704 Reply
              abbodi86
              AskWoody_MVP

              The installer is the same for both x64 and x86

              likewise LangPack installer, which you only need if your OS language is supported (23 langs besides english)

      • #140995 Reply
        Rydan
        AskWoody Lounger

        What I found annoying is that the 2017-10 Security and Quality Rollup for .NET updates did not have a security tag; as far as I know that’s the first time these did not have one.
        (oktober did not see a security only .NET; someone mention that already I think)

        side note:
        sometimes you have those weird situations: ConfigMgr client (W7) scans for updates and reports missing KB 2813347. It had the scan info from WSUS, in which had it listed as superseded by 3075220. The 3075220 entry in W7 was removed after installation of 2017-10 monthly update. 3075220 does not show as superseded in ConfigMgr and not in WSUS. 2813347 was long ago cleaned up ConfigMgr, so the W7 client does not get it.
        Which left me with… checking both updates for discrepancies; found none (scan bug?). An older W7 which had 2813347 installed back in 2014 had it still listed as installed after 2017-10 monthly and did not need it. Even more: 3075220 did not want to install manually (not applicable); the 2813347 did want to install manually, but gave an error. But 2813347 did install after a reboot, after which it reported fully patched.
        So I made an application of 2813347 for those missing this update and left me wondering what else I might be missing from before 2014, lol.

        • #140997 Reply
          MrBrian
          AskWoody_MVP

          There are some occasions in which Update A is metadata-superseded by Update B, but yet after the installation of Update B, Update A is still considered applicable because it isn’t component-superseded by what’s installed on the computer. See this topic for the different types of supersedence.

          2 users thanked author for this post.
          • #141000 Reply
            Rydan
            AskWoody Lounger

            Thanks MrBrian, I had not seen your/that topic yet.
            The thing I found annoying was that the W7 system I installed in August, patched and again patched in September, reported fully patched each time and ‘suddenly’ missed an old superseded update from 2013 when patched with the 2017-10 Security Monthy Quality Update.

        • #141056 Reply
          abbodi86
          AskWoody_MVP

          That’s because “2017-10 Security and Quality Rollup” do not contain any new security fixes
          .NET 3.5 and 4.5.2 security updates are still the same as in “2017-09 Security and Quality Rollup”
          only .NET 4.7 got new non-security update

          and because Microsoft obligated themselves to gather all .NET updates into one rollup, they had to release 2017-10 Rollup

          also per Microsoft rules, Optional update cannot supersede security update at metadata level
          that’s why we have 3 active .NET Rollups

          1 user thanked author for this post.
          • #141350 Reply
            anonymous
            Guest

            so, based on this, there is no Security Only patches for other .Net versions.  i searched the catalog for 4.6.1 and the last security only update was for September.  so other than those listed in your post, all the other versions are “secure”

          • #141353 Reply
            anonymous
            Guest

            p.s.  how do we tell which .msu is for which Win 7 version?  there are 2 .exe and e .msu files listed when you click download from the catalogue listing

            • #141378 Reply
              abbodi86
              AskWoody_MVP

              KB4019990 msu is normal update, doesn’t change between rollups
              the other msu is always for .net 3.5

              the exe files names are clear enough, ndp45 for .net 4.5.2, ndp46 is for .net 4.6 and later

              • #141394 Reply
                anonymous
                Guest

                hmmmm…. I downloaded KB4019990, but it says it is not applicable to my computer when I try to install.  I only have .NET 4.6.1 listed in the installed programs list.  But this Sep 2017 update for 4.6.1 is NOT listed in the update history.

              • #141396 Reply
                PKCano
                Da Boss

                KB4019990 is only necessary for .NET 4.7

              • #141397 Reply
                anonymous
                Guest

                p.s…. the last .NET update i applied was in May 2017, and it was  “security and quality” update for all .NET… could that have some impact on applicability of this newer security patch?  e.g., did it make my .NET 4.6.1 into the “hybrid-frankenstien” 4.6-4.7?

              • #141975 Reply
                Rydan
                AskWoody Lounger

                If not noticed yet (and as reported about 4.7 binaries used for all 4.6.x updates)  the KB 4019990 is now a requirement. For example, see article https://support.microsoft.com/en-us/help/4043766 under Summary

      • #141308 Reply
        MrToad28
        AskWoody Lounger

        This .Net issue is way too complicated. I’m just going to hold off patching .net until the controversy ceases or I get error messages saying I need a later version.

      • #141319 Reply
        MrBrian
        AskWoody_MVP

        From Lifecycle FAQ—.NET Framework: “We recommend customers upgrade to .NET Framework 4.7.1 to receive the highest level of performance, reliability, and security.”

        I will probably wait a few months after .NET Framework 4.7.1 becomes available on Windows Update to install it.

        1 user thanked author for this post.
      • #141664 Reply
        MrBrian
        AskWoody_MVP

        From Introduction to .NET Framework Compatibility (my bolding):

        “Beginning with the .NET Framework 4.0, all versions of the .NET Framework with a major version number of 4 (called ‘4.x’ versions) install as in-place updates. This means that only one 4.x .NET Framework is installed on a computer at a time. Installing the .NET Framework 4.5 will replace version 4.0, the .NET Framework 4.5.1 will replace version 4.5, the .NET Framework 4.6 will replace version 4.5.1, and so on.

        […]

        Compatibility with previous versions of the .NET Framework is a high priority for the .NET team. In fact, all changes in the .NET Framework are reviewed by experienced engineers who assess the impact of the changes on customer apps.

        […]

        As an example, if an app targets the .NET Framework 4.5 but runs on a computer with the .NET Framework 4.5.2 installed, even though the app executes on the newer Framework, it will mimic some behaviors from 4.5 in order to minimize compatibility issues.”

        1 user thanked author for this post.
      • #142436 Reply
        MrBrian
        AskWoody_MVP

        In addition to .NET Framework 4.7, .NET Framework 4.6.x also received non-security updates in the October 2017 .NET Framework monthly rollup, at least for Windows 7.

        1 user thanked author for this post.
    Viewing 24 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: What’s happening with Win7 .NET updates?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.