• What’s happening with Win7 .NET updates?

    Home » Forums » Newsletter and Homepage topics » What’s happening with Win7 .NET updates?


    Just got this from reader OC: Today I received from MS new updates for my Win 7 Pro, x64, SP1 (to be installed when I decide to), for .NET 4.6.4, 4.61
    [See the full post at: What’s happening with Win7 .NET updates?]

    1 user thanked author for this post.
    Viewing 23 reply threads
    • #139654

      Anything for Windows 8.1?

    • #139671

      All I had this month for .Net Framework on my Windows 7 SP1 machines was the optional and unchecked KB4043766 plus the optional and unchecked preview KB4042076. I’ve hidden both of them as I don’t install optional and/or unchecked updates.

    • #139679

      @OC: 73, 77, and 80 are September Rollups (i.e., security and quality). Together they comprise KB4041083. I don’t believe you were taken to what you call “86” because there is no KB 4040986 (google it and see). I’m guessing you were taken to 4041083. If you scroll through that page I think you’ll see references to the 73,77, and 80 updates. Also if you go to the Update Catalog either from the aforementioned page or directly and enter KB4041083, and then put it in your basket and try to download, I think you’ll suddenly see 3 or 4 links some of which will be for 73, 77, and 80 (one link for each)

      At least that’s what happened for me when I installed .NET updates a couple weeks ago from the Update Catalog.

      Hope this helps.

      1 user thanked author for this post.
      • #139687

        Those separate patches are for different versions of .NET. In the Catalog, if you click on the title of the Rollup (instead of the “download” button), then click on “More information” in the box that pops up, it will take you to a page that tells you which patch goes with which version.

        1 user thanked author for this post.
    • #139685

      Personally only interested henceforth in Security Only updates for 4.6.1 and anything earlier this Win7 Pro will allow me to install. No interest in 4.7 as no local program requires it and my Zbook workstation is stable, touch wood! YMMV…

    • #139696

      Too much overthinking 🙂

      currently there are 3 .NET Rollups that would be offered in WU

      2017-09 Security and Quality Rollup (KB4041083) – Important
      2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended
      2017-10 Preview of Quality Rollup (KB4042076) – Optional

      .NET 3.5.1 Security Rollup KB4040980 is the same included in all three
      .NET 4.5.2 Security Rollup KB4040977  is the same included in all three

      only  .NET 4.7 update differs
      KB4041083 -> KB4040973
      KB4043766 -> KB4043764
      KB4042076 -> KB4041778

      4 users thanked author for this post.
      • #139753

        currently there are 3 .NET Rollups that would be offered in WU

        2017-09 Security and Quality Rollup (KB4041083) – Important
        2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended
        2017-10 Preview of Quality Rollup (KB4042076) – Optional – abbodi86

        Yes, I’m seeing the later two as unchecked optional updates in Windows Update.

        I don’t see the first one as I installed in on 9/29/2017.

      • #139871

        @abbodi86: Thank you for the above information.   There have been so many updates, it can easily get very confusing for the “novice users”.   🙂

      • #141502

        About this:

        2017-09 Security and Quality Rollup (KB4041083) – Important
        2017-10 Security and Quality Rollup (KB4043766) – Optional/Recommended

        And this:

        .NET 4.5.2 Security Rollup KB4040977  is the same included in all three

        … not true. 4040977 inside 4043766 has changed (I compared them). WUA does not force to install it, its just some non binary problem (some installer language confusion, not affecting installed binaries).

    • #139721



    • #139723

      Don’t know if related, but on Win 8.1 this morning when I powered up and logged in, a .NET Runtime Optimization task started and pegged the Task Manager Hard Disk utilization at 100% for about 5 minutes.

      I had not updated anything since Oct 9, so no clue why this suddenly kicked in.

    • #139729

      Earlier today, I did exactly what PK Cano advises, and ended up, after being redirected to migrate from page to page in the MS Web site, at a place where each of the three patches were all said to be for .NET 4.7. So: all roads led to 4.7, although  the three .NET patches were described in the initial “More Information” MS site  as being for different versions of .NET,  just as explained in the OC posting. Except they are not, or are they?

      The mystery thickens…

      And I do not want to install 4.7…

    • #139748

      Great! I just googled “kb4040980” and following the link to MS took me to the MS Web page where this is described as:

      “Security and Quality Rollup for .NET Framework 3.5.1 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (KB 4040980)”, and when I clicked the link to the Catalogue, it landed me in a page from where I could download one of three flavours, one for a different type of OS, of the “**Preliminary** Quality and Total Wonderfulness Rollout” (stars are mine), well, maybe with a few less words in the name, for several .NET versions including 4.7!

    • #139773

      Final update on the ongoing “.NET update and I” story:

      I decided to hide the update!

      Now my plan is as follows:

      If black hats take advantage of some bug in the unpatched .NET and kidnap my computer, or am I otherwise seriously inconvenienced, I shall:

      (a) Reformat the disk, and install some LINUX distro (probably Debian) in my PC. While I am still adapting the new OS to my needs and tastes, I shall continue doing my work with my Mac.

      (b) If (a) proves impracticable, then I shall remove the hard disk and take the rest of the machine to some place where they take care that it is responsibly and ecologically disposed of. And shall continue doing my work and the rest of it on my Mac.

      Because life is too short.

      1 user thanked author for this post.
    • #139777

      So, what do you all recommend, in terms of .NET updates, which I should install and which do not create major issues? I am on Group B, and I have stuck with .NET 4.5X on all of my Win7 computers.

    • #139781

      This is all so confusing and my brain’s RAM is overloaded with KB numbers and similar-sounding .NET patch names. WU is offering my Windows 7 PC the following:

      • 2017-09 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4041083)
      • 2017-10 Security and Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 on Windows 7 and Server 2008 R2 for x64 (KB4043766)

      Just the facts, ma’am: Can someone tell me — without a lot of explanation or mumbo-jumbo, please — what the current recommendation for patching is with respect to the above two .NET updates?

      I’ve been Group B, but I’m ready to throw my hands up and join Group W. Although honestly, Group L (for Linux) is fast approaching.


      1 user thanked author for this post.
      • #139805

        Fellow Group B member here. I could be wrong, but I believe the current advice with both KB4041083 and KB4043766 is to wait until we are at MS-DEFCON 3 or higher and then apply them.

        For now, I think it is safe to leave them as unchecked in Windows Update, since we would be installing them at the next safe patching opportunity. The safest thing would probably be to hide them for now, then unhide them when it is time to patch.

        1 user thanked author for this post.
      • #140040

        To follow up, KB4041083 was the .NET Rollup that caused issues last month, with MS recommending to uninstall it and instead install the Security-only update. Now that same MS article is recommending the KB4043766 Rollup to fix rendering issues from KB4041083. As the Rollups are cumulative, there is no point in installing KB4041083 when we get to MS-DEFCON 3+ if you are going to be installing KB4043766, so you should hide KB4041083.

    • #139816

      Separate question: are .NET rollups cumulative?

      I.e., would installing the October rollup KB4043766 make the September rollup KB4041083 unneeded?

      Or are they like Group B Security-only patches, which are not cumulative? Thanks

      Edit: Answer found. .NET “Security and Quality” rollups are cumulative, while .NET Security-only updates are not. I think this mirrors the same behavior as the normal Windows rollups/Security-only updates.

    • #139851

      Am using an antique version of Windows 7 SP1 x64 (Oct 2009).  I installed Net 4.7 on June 14th this year.  Have been getting update to that Net and also combined updates to3 other net versions since then.  They are installed and I have not encountered any noticeable problems.

      4 users thanked author for this post.
    • #139899


      In my own experience (at least yesterday) no matter what “kb” you choose to install, that is not what you will find when you finally reach the MS Catalog “Download” page clicking on all the correct links along the way. What you’ll find there, surprise, surprise, will be updates with different kb numbers and contents from the ones you were after. And all include .NET 4.7, the one reported as causing problems, along with whatever else they are supposed to be for.

      MS seems to be playing some kind of silly game with the .NET update names it is offering.

      The destination you finally reach is not the one you saw written on the road signs along the way.

      The Security Only update for my Windows 7 x64, SP1 and the IE11 Cumulative update, on the other hand, were not affected by this problem when I installed those some days ago: the files I found and downloaded corresponded in both number and name to the ones I was after, and have had no problems with them, so far… at least that I have noticed.

      2 users thanked author for this post.
    • #139987

      I may have lost track, or not paid attention, or maybe this is Woody’s original point in this topic: Is there anything currently wrong with .NET4.7 in the Win7 setting?

      1\ earlier this summer .NET4.7, developed for ‘better’ systems was backported to Win7
      2\ Microsoft failed to document the perquisite D3D compiler
      3\ 1+2 creates problems
      4\ D3D included in September SMQR (?), and October etc. cummulative

      QUESTION- does that mean we have reached

      5\ no more problems, .NET4.7 is now the preferred less vulnerable package with latest protections
      5b\ Win7 lacks the inherent ability, and .NET4.7 ‘is not the droid you are looking for’

      • #140320

        anonymous #139987 wrote:
        Is there anything currently wrong with .NET4.7 in the Win7 setting?

        I’m equally curious about this mysterious .NET v4.7 “issue”. I keep seeing repeated remarks at AskWoody that .NET v4.7 causes problems in Win 7, but w/o any elaboration of what the problems might be.

        I searched through the AskWoody domain, as well as undertook an internet search about the said .NET 4.7 problems, but so far have not found anything of note — other than .NET 4.7 installation being previously blocked on Win 7 due to a missing D3DCompiler_47.dll (which Win 7 users have to install first, ref: KB 4019990).

        In fact, before I saw the multiple AskWoody’s remarks about the so-called .NET v4.7 problems, I already installed .NET v4.7 in July 2017 on Win 7 x64 SP1 (2011 version). D3DCompiler_47.dll was already explicitly listed as a pre-requisite on .NET v4.7’s installer page back then, so I didn’t run into any install-block.

        To date, I have not encountered anything unusual in my Win OS or .NET-dependent apps. And it seems likewise for user BrianL (reply #139851) on his Win 7 x64 SP1 (2009 version).

        Perhaps the .NET v4.7 problems pertain to Win 7 RTM ? Or might the whole situation have arisen from some misunderstanding somewhere, & is actually a non-issue afterall  ?

        2 users thanked author for this post.
    • #140041

      Am I understanding this correctly: the monthly .NET Security and Quality Rollups, starting with KB4041083, install .NET 4.7 even if the user only has 4.6.2 or lower currently installed?

      If so, then this is not the behavior of the Security-only patches, which too have have started including .NET 4.7 in the titles. I have KB4040957, “Security Only update for the .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 for Windows 7 SP1”, installed, yet the registry and Raymondcc .NET Detector tell me that I do not have .NET 4.7 installed.

      • #140052

        It was actually started with KB4032113 (July 2017 Preview), but yes, KB4041083 is the first Security Rollup to have the merged 4.6-4.7 update

        It doesn’t install 4.7 or change your 4.6.x version totally
        but the updated binaries and fixes you get are based on 4.7
        so you will have sort of a frankenstein .NET 😀

        It’s the same behavior
        but Security-only patches just update small part of .NET binaries, then the impact will not be big

        2 users thanked author for this post.
      • #140144

        I tested this on Windows 7 x64. It is true that updated binaries for 4.6.1 and 4.7 are now the same. However, the logic inside those updated binaries could still have differential behavior for 4.6.1 vs 4.7. Example: the code for those updated binaries could have logic like this:

        If installed version of 4.x = 4.6.1 then do 4.6.1-specific actions
        else if installed version of 4.x = 4.7 then do 4.7-specific actions


        1 user thanked author for this post.
        • #140181

          Mr.Brian:   With your amazing knowledge you understand completely about these issues.   As usual, I know nothing, and appreciate the very complex information about this subject.  Thank you very much for this advice.    🙂  🙂

        • #143060

          An example from the source code for .NET Framework 4.7.1 (my bolding):

          “if (timeoutInMillsec.HasValue) {
          timeout = timeoutInMillsec.Value;
          } else {
          if (!IsRegexTimeoutSetInAppDomain && BinaryCompatibility.Current.TargetsAtLeastFramework461) {
          timeout = 2000;

      • #140146

        Microsoft documents application compatibility changes from one version of .NET Framework to another. For example, these two links have changes from 4.6.2 to 4.7: https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/runtime/4.6.2-4.7 and https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/retargeting/4.6.2-4.7. If anyone has evidence that any of these documented changes from 4.6.2 to 4.7 no longer exist, please share it.

        2 users thanked author for this post.
    • #140314

      Vols and Jezuz wrote:
      I was developing a project with Visual Studio 2015, which requires at least 4.6.x. Hopefully it will still work with 4.7.x installed.

      As far as I know, .NET Framework v4.7.x is an in-place update to .NET v4.6.x, 4.5.x & 4.0 Full & Client. This is also stated at Microsoft’s page for .NET v4.7.1:

      “Microsoft .NET Framework 4.7.1 is a highly compatible in-place update to the Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7.”

      Back in July 2017, I installed .NET v4.7 on on a new Win 7 x64 SP2 install (which comes only with .NET v3.5.1). And all my .NET v4.0, 4.5.x & 4.6.x dependent apps are working as expected so far. No problems observed in Windows either.

      2 users thanked author for this post.
    • #140611

      Could anyone please explain exactly how to install .Net 4.5.2 in simple terms for Win7?  I asked earlier on a different post and no one offered a how-to.  Also do I have to uninstall .Net 4.6 (or 4.7 ish automatically updated from KB4041083)? Thx

      • #140645

        It’s offered as optional update in WU

        you can have the installer from MU catalog:

        yes, you need to uninstall any 4.6 ish version
        control panel – Programs and Features – Uninstall a program

        • #140690

          To abbodi86

          Thank you for the install/uninstall information. It appears there is one installer for just Win7 and one for Win7 x64 based systems – mine is x64 , so I guess that is the appropriate one.

          I also notice the language packs & separate upgrade for language packs for Win7 – would I need those also?

          • #140704

            The installer is the same for both x64 and x86

            likewise LangPack installer, which you only need if your OS language is supported (23 langs besides english)

    • #140995

      What I found annoying is that the 2017-10 Security and Quality Rollup for .NET updates did not have a security tag; as far as I know that’s the first time these did not have one.
      (oktober did not see a security only .NET; someone mention that already I think)

      side note:
      sometimes you have those weird situations: ConfigMgr client (W7) scans for updates and reports missing KB 2813347. It had the scan info from WSUS, in which had it listed as superseded by 3075220. The 3075220 entry in W7 was removed after installation of 2017-10 monthly update. 3075220 does not show as superseded in ConfigMgr and not in WSUS. 2813347 was long ago cleaned up ConfigMgr, so the W7 client does not get it.
      Which left me with… checking both updates for discrepancies; found none (scan bug?). An older W7 which had 2813347 installed back in 2014 had it still listed as installed after 2017-10 monthly and did not need it. Even more: 3075220 did not want to install manually (not applicable); the 2813347 did want to install manually, but gave an error. But 2813347 did install after a reboot, after which it reported fully patched.
      So I made an application of 2813347 for those missing this update and left me wondering what else I might be missing from before 2014, lol.

      • #140997

        There are some occasions in which Update A is metadata-superseded by Update B, but yet after the installation of Update B, Update A is still considered applicable because it isn’t component-superseded by what’s installed on the computer. See this topic for the different types of supersedence.

        2 users thanked author for this post.
        • #141000

          Thanks MrBrian, I had not seen your/that topic yet.
          The thing I found annoying was that the W7 system I installed in August, patched and again patched in September, reported fully patched each time and ‘suddenly’ missed an old superseded update from 2013 when patched with the 2017-10 Security Monthy Quality Update.

      • #141056

        That’s because “2017-10 Security and Quality Rollup” do not contain any new security fixes
        .NET 3.5 and 4.5.2 security updates are still the same as in “2017-09 Security and Quality Rollup”
        only .NET 4.7 got new non-security update

        and because Microsoft obligated themselves to gather all .NET updates into one rollup, they had to release 2017-10 Rollup

        also per Microsoft rules, Optional update cannot supersede security update at metadata level
        that’s why we have 3 active .NET Rollups

        1 user thanked author for this post.
        • #141350

          so, based on this, there is no Security Only patches for other .Net versions.  i searched the catalog for 4.6.1 and the last security only update was for September.  so other than those listed in your post, all the other versions are “secure”

        • #141353

          p.s.  how do we tell which .msu is for which Win 7 version?  there are 2 .exe and e .msu files listed when you click download from the catalogue listing

          • #141378

            KB4019990 msu is normal update, doesn’t change between rollups
            the other msu is always for .net 3.5

            the exe files names are clear enough, ndp45 for .net 4.5.2, ndp46 is for .net 4.6 and later

            • #141394

              hmmmm…. I downloaded KB4019990, but it says it is not applicable to my computer when I try to install.  I only have .NET 4.6.1 listed in the installed programs list.  But this Sep 2017 update for 4.6.1 is NOT listed in the update history.

            • #141396

              KB4019990 is only necessary for .NET 4.7

            • #141397

              p.s…. the last .NET update i applied was in May 2017, and it was  “security and quality” update for all .NET… could that have some impact on applicability of this newer security patch?  e.g., did it make my .NET 4.6.1 into the “hybrid-frankenstien” 4.6-4.7?

            • #141975

              If not noticed yet (and as reported about 4.7 binaries used for all 4.6.x updates)  the KB 4019990 is now a requirement. For example, see article https://support.microsoft.com/en-us/help/4043766 under Summary

    • #141308

      This .Net issue is way too complicated. I’m just going to hold off patching .net until the controversy ceases or I get error messages saying I need a later version.

    • #141319

      From Lifecycle FAQ—.NET Framework: “We recommend customers upgrade to .NET Framework 4.7.1 to receive the highest level of performance, reliability, and security.”

      I will probably wait a few months after .NET Framework 4.7.1 becomes available on Windows Update to install it.

      1 user thanked author for this post.
    • #141664

      From Introduction to .NET Framework Compatibility (my bolding):

      “Beginning with the .NET Framework 4.0, all versions of the .NET Framework with a major version number of 4 (called ‘4.x’ versions) install as in-place updates. This means that only one 4.x .NET Framework is installed on a computer at a time. Installing the .NET Framework 4.5 will replace version 4.0, the .NET Framework 4.5.1 will replace version 4.5, the .NET Framework 4.6 will replace version 4.5.1, and so on.


      Compatibility with previous versions of the .NET Framework is a high priority for the .NET team. In fact, all changes in the .NET Framework are reviewed by experienced engineers who assess the impact of the changes on customer apps.


      As an example, if an app targets the .NET Framework 4.5 but runs on a computer with the .NET Framework 4.5.2 installed, even though the app executes on the newer Framework, it will mimic some behaviors from 4.5 in order to minimize compatibility issues.”

      1 user thanked author for this post.
    • #142436

      In addition to .NET Framework 4.7, .NET Framework 4.6.x also received non-security updates in the October 2017 .NET Framework monthly rollup, at least for Windows 7.

      1 user thanked author for this post.
    Viewing 23 reply threads
    Reply To: What’s happening with Win7 .NET updates?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: