KB5037933: Overview with user sentiment and feedback

Overview

The KB5037933 update, released on May 14, 2024, is a cumulative update for the .NET Framework versions 3.5 and 4.8, specifically targeting Windows 10 version 1809 and Windows Server 2019. This update is part of Microsoft's ongoing efforts to enhance the security and reliability of their software products. It includes all previously released security improvements, ensuring that users benefit from the latest protections against vulnerabilities. While there are no new security enhancements in this release, it is crucial for users to apply this update as part of their regular maintenance routines to maintain optimal system performance and security.

General Purpose

The primary purpose of KB5037933 is to address various quality and reliability issues within the .NET Framework. Notable improvements include fixes for crashes that may occur when multiple threads query the ITypeInfo implementation of the same managed type. Additionally, the update resolves significant response time regressions observed on 32-bit platforms and ensures compliance with FIPS algorithms through the use of MIST validated implementations. Furthermore, it addresses issues related to wildcard format changes in IIS 10 and resolves application crashes linked to the GetWindowText and GetWindowTextLength methods in Windows Presentation Foundation (WPF). These enhancements are designed to improve the overall stability and performance of applications relying on the .NET Framework.

General Sentiment

The general sentiment surrounding KB5037933 appears to be mixed. While many users appreciate the cumulative nature of the update, which consolidates previous security improvements, there are concerns regarding reported runtime exceptions in SQL CLR hosted scenarios. Users have experienced exceptions related to the SHA256Managed, SHA384Managed, and SHA512Managed types, which can disrupt application functionality. However, Microsoft has provided workarounds, such as marking assemblies as UNSAFE or utilizing SQL's HASHBYTES function, which have been positively received by some users. Overall, while the update is deemed necessary for security and reliability, the known issues may lead to hesitance among some users to install it immediately.

Known Issues

• Runtime exceptions in SQL CLR hosted scenarios, specifically related to SHA256Managed, SHA384Managed, and SHA512Managed types.
• Error message: System.Security.HostProtectionException: Attempted to perform an operation that was forbidden by the CLR host.
• Workaround options include marking assemblies as UNSAFE or using SQL's HASHBYTES function instead of .NET Framework's SHA-2 APIs.
• Microsoft has addressed these issues in a subsequent update (KB5043804).

Disclaimer: We take measures to ensure that AI-generated content is of the highest possible quality, but we cannot guarantee its accuracy and recommend that users do their own independent research. Generated on 2024-12-22 12:28 AM

Back to Knowledge Base Catalog