diff --git a/docs/framework/release-notes/2026/05-26-may-cumulative-update-preview.md b/docs/framework/release-notes/2026/05-26-may-cumulative-update-preview.md new file mode 100644 index 0000000000000..49844b0e900bd --- /dev/null +++ b/docs/framework/release-notes/2026/05-26-may-cumulative-update-preview.md @@ -0,0 +1,46 @@ +--- +title: May 2026 cumulative update preview +description: Learn about the improvements in the .NET Framework May 2026 cumulative update preview. +ms.date: 05/26/2026 +--- +# May 2026 cumulative update preview + +_Released May 26, 2026_ + +## Summary of what's new in this release + +- [Security improvements](#security-improvements) +- [Quality and reliability improvements](#quality-and-reliability-improvements) + +### Security improvements + +There are no new security improvements in this release. This update is cumulative and contains all previously released security improvements. + +### Quality and reliability improvements + +**.NET Libraries** + +- Addresses an issue with synchronous `HttpWebRequest` connections where requests could hang in specific secure connection scenarios with certain server configurations. + +**.NET Runtime** + +- Addresses an issue in the Visual Studio x86 native debugger where certain floating-point values could be reported incorrectly during step operations in mixed-code applications. + +## Known issues in this release + +This release contains no known issues. + +## Summary tables + +The following table outlines the updates in this release. + +| Product version | Cumulative update preview | +| --- | --- | +| **Windows 11, version 26H1** | | +| .NET Framework 4.8.1 | [5092431](https://support.microsoft.com/kb/5092431) | +| **Windows 11, version 25H2** | | +| .NET Framework 3.5, 4.8.1 | [5092427](https://support.microsoft.com/kb/5092427) | +| **Windows 11, version 24H2** | | +| .NET Framework 3.5, 4.8.1 | [5092430](https://support.microsoft.com/kb/5092430) | + +The operating system row lists a KB that's used for update offering purposes. When the operating system KB is offered, the applicability logic determines the specific .NET Framework update(s) installed. Updates for individual .NET Framework versions are installed based on the version of .NET Framework that is already present on the device. Because of this, the operating system KB is not expected to be listed as installed updates on the device. The expected updates installed are the .NET Framework-specific version updates listed in the previous table. diff --git a/docs/framework/release-notes/2026/07-14-july-cumulative-update.md b/docs/framework/release-notes/2026/07-14-july-cumulative-update.md new file mode 100644 index 0000000000000..378648c0d2c83 --- /dev/null +++ b/docs/framework/release-notes/2026/07-14-july-cumulative-update.md @@ -0,0 +1,156 @@ +--- +title: July 2026 cumulative update +description: Learn about the improvements in the .NET Framework July 2026 cumulative update. +ms.date: 07/14/2026 +--- +# July 2026 cumulative update + +_Released July 14, 2026_ + +## Summary of what's new in this release + +- [Security improvements](#security-improvements) +- [Quality and reliability improvements](#quality-and-reliability-improvements) + +### Security improvements + +#### CVE-2026-47302 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-47302](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47302). + +#### CVE-2026-47304 – .NET Framework Security Feature Bypass vulnerability + +This security update addresses a security feature bypass vulnerability detailed in [CVE-2026-47304](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47304). + +#### CVE-2026-50304 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50304](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50304). + +#### CVE-2026-50324 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50324](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50324). + +#### CVE-2026-50355 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50355](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50355). + +#### CVE-2026-50368 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50368](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50368). + +#### CVE-2026-50411 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50411](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50411). + +#### CVE-2026-50525 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50525](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50525). + +#### CVE-2026-50527 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50527](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50527). + +#### CVE-2026-50646 – .NET Framework Elevation of Privilege vulnerability + +This security update addresses an elevation of privilege vulnerability detailed in [CVE-2026-50646](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50646). + +#### CVE-2026-50647 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50647](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50647). + +#### CVE-2026-50648 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50648](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50648). + +#### CVE-2026-50649 – .NET Framework Remote Code Execution vulnerability + +This security update addresses a remote code execution vulnerability detailed in [CVE-2026-50649](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50649). + +#### CVE-2026-50650 – .NET Framework Elevation of Privilege vulnerability + +This security update addresses an elevation of privilege vulnerability detailed in [CVE-2026-50650](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50650). + +#### CVE-2026-50652 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50652](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50652). + +#### CVE-2026-50653 – .NET Framework Denial of Service vulnerability + +This security update addresses a denial of service vulnerability detailed in [CVE-2026-50653](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50653). + +#### CVE-2026-50659 – .NET Framework Tampering vulnerability + +This security update addresses a tampering vulnerability detailed in [CVE-2026-50659](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50659). + +#### CVE-2026-56158 – .NET Framework Remote Code Execution vulnerability + +This security update addresses a remote code execution vulnerability detailed in [CVE-2026-56158](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56158). + +### Quality and reliability improvements + +**.NET Libraries** + +- Addresses an issue with synchronous `HttpWebRequest` connections where requests could hang in specific secure connection scenarios with certain server configurations. + +**.NET Runtime** + +- Addresses an issue in the Visual Studio x86 native debugger where certain floating-point values could be reported incorrectly during step operations in mixed-code applications. + +## Known issues in this release + +This release contains no known issues. + +## Summary tables + +The following table outlines the updates in this release. + +| Product version | Cumulative update | +| --- | --- | +| **Windows 11, version 26H1** | | +| .NET Framework 4.8.1 | [5101002](https://support.microsoft.com/kb/5101002) | +| **Windows 11, version 25H2** | | +| .NET Framework 3.5, 4.8.1 | [5100998](https://support.microsoft.com/kb/5100998) | +| **Windows 11, version 24H2** | | +| .NET Framework 3.5, 4.8.1 | [5101001](https://support.microsoft.com/kb/5101001) | +| **Microsoft server operating system, version 24H2** | | +| .NET Framework 3.5, 4.8.1 | [5100998](https://support.microsoft.com/kb/5100998) | +| **Microsoft server operating system, version 23H2** | | +| .NET Framework 3.5, 4.8.1 | [5100999](https://support.microsoft.com/kb/5100999) | +| **Windows 11, version 22H2 and Windows 11, version 23H2** | | +| .NET Framework 3.5, 4.8.1 | [5101004](https://support.microsoft.com/kb/5101004) | +| **Windows Server 2022** | **[5102206](https://support.microsoft.com/kb/5102206)** | +| .NET Framework 3.5, 4.8 | [5101010](https://support.microsoft.com/kb/5101010) | +| .NET Framework 3.5, 4.8.1 | [5101005](https://support.microsoft.com/kb/5101005) | +| **Windows 10, version 22H2** | **[5102203](https://support.microsoft.com/kb/5102203)** | +| .NET Framework 3.5, 4.8 | [5101006](https://support.microsoft.com/kb/5101006) | +| .NET Framework 3.5, 4.8.1 | [5101000](https://support.microsoft.com/kb/5101000) | +| **Windows 10, version 21H2** | **[5102202](https://support.microsoft.com/kb/5102202)** | +| .NET Framework 3.5, 4.8 | [5101006](https://support.microsoft.com/kb/5101006) | +| .NET Framework 3.5, 4.8.1 | [5101000](https://support.microsoft.com/kb/5101000) | +| **Windows 10 1809 and Windows Server 2019** | **[5102201](https://support.microsoft.com/kb/5102201)** | +| .NET Framework 3.5, 4.7.2 | [5100989](https://support.microsoft.com/kb/5100989) | +| .NET Framework 3.5, 4.8 | [5101008](https://support.microsoft.com/kb/5101008) | +| **Windows 10 1607 and Windows Server 2016** | | +| .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2 | [5099535](https://support.microsoft.com/kb/5099535) | +| .NET Framework 4.8 | [5101007](https://support.microsoft.com/kb/5101007) | + +The following table is for earlier Windows and Windows Server versions for Security and Quality Rollup updates. + +| Product version | Security and quality rollup | +| --- | --- | +| **Windows Server 2012 R2** | **[5102205](https://support.microsoft.com/kb/5102205)** | +| .NET Framework 3.5 | [5100985](https://support.microsoft.com/kb/5100985) | +| .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 | [5100991](https://support.microsoft.com/kb/5100991) | +| .NET Framework 4.8 | [5101011](https://support.microsoft.com/kb/5101011) | +| **Windows Server 2012** | **[5102204](https://support.microsoft.com/kb/5102204)** | +| .NET Framework 3.5 | [5100986](https://support.microsoft.com/kb/5100986) | +| .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 | [5100990](https://support.microsoft.com/kb/5100990) | +| .NET Framework 4.8 | [5101009](https://support.microsoft.com/kb/5101009) | + +The operating system rows list a KB that's used for update-offering purposes. When the operating system KB is offered, the applicability logic determines the specific .NET Framework updates that will be installed. Updates for individual .NET Framework versions are installed based on the version of .NET Framework that's already present on the device. Because of this, the operating system KB is not expected to be listed as an installed update on the device. The expected updates to be installed are the .NET Framework specific version updates listed in the preceding table. + +This update installs the complete .NET Framework 3.5 product for Windows 11, version 26H1 (build version 28000) and newer. Unlike traditional cumulative updates that patch individual components, this delivers the full .NET Framework 3.5 product as a standalone installer. It replaces any previously installed version. + +| Product version | .NET Framework 3.5 product update | +| --- | --- | +| **Windows 11, version 26H1** | [5101014](https://support.microsoft.com/kb/5101014) | diff --git a/docs/framework/release-notes/release-notes.md b/docs/framework/release-notes/release-notes.md index d5cb13b46f6b8..c12050ae5dfb4 100644 --- a/docs/framework/release-notes/release-notes.md +++ b/docs/framework/release-notes/release-notes.md @@ -11,7 +11,9 @@ The .NET Framework updates include cumulative security and reliability improveme .NET Framework cumulative update releases are discussed in detail in the following individual release notes: -* May 12, 2026 - [cumulative update](./2026/05-12-may-cumulative-update.md) **New Release** +* July 14, 2026 - [cumulative update](./2026/07-14-july-cumulative-update.md) **New Release** +* May 26, 2026 - [cumulative update preview](./2026/05-26-may-cumulative-update-preview.md) +* May 12, 2026 - [cumulative update](./2026/05-12-may-cumulative-update.md) * April 14, 2026 - [cumulative update](./2026/04-14-april-cumulative-update.md) * February 10, 2026 - [cumulative update](./2026/02-10-february-cumulative-update.md) * January 29, 2026 - [cumulative update preview](./2026/01-29-january-cumulative-update-preview.md) diff --git a/docs/framework/toc.yml b/docs/framework/toc.yml index 9a8bd3707818b..e998bb3ca22c0 100644 --- a/docs/framework/toc.yml +++ b/docs/framework/toc.yml @@ -661,6 +661,10 @@ items: items: - name: Overview and index href: release-notes/release-notes.md + - name: July 2026 cumulative update + href: release-notes/2026/07-14-july-cumulative-update.md + - name: May 2026 cumulative update preview + href: release-notes/2026/05-26-may-cumulative-update-preview.md - name: May 2026 cumulative update href: release-notes/2026/05-12-may-cumulative-update.md - name: April 2026 cumulative update