Microsoft Releases Long-Awaited Patch for Critical .NET Framework Bug Affecting Windows Server
Microsoft has finally addressed a persistent issue impacting Windows Server environments, first identified in February 2022. The bug, which caused applications utilizing the .NET Framework to encounter exceptions, failure, or termination when accessing or setting Active Directory Forest Trust information, has plagued administrators and developers for nearly three years. Some developers had reported receiving access violation errors, specifically 0xc0000005, highlighting the severity of the problem.
An urgent out-of-band update for the .NET Framework has now been released to rectify this longstanding flaw. This critical patch is detailed on the Windows Health Dashboard.
It is important to note that this fix will not be deployed automatically via Windows Update. Users are required to manually download the patch from the Microsoft Update Catalog. Following the download, administrators will need to incorporate it into their Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager for widespread deployment within their organizations.
The extended timeframe for resolution, spanning three years, raises questions about the complexity of the underlying issue or potential prioritization challenges within Microsoft’s development cycles. However, the company has not provided specific reasons for the delay. The newly released update comprehensively covers Windows Server versions from 2012 onwards, indicating a broad impact and a thorough approach to remediation.
The specific updates and their corresponding .NET Framework versions are as follows:
Windows Server 2022
.NET Framework 4.8 KB5011258
Windows Server 2019
.NET Framework 4.8 KB5011257
.NET Framework 4.7.2 KB5011259
Windows Server 2016
.NET Framework 4.8 KB5011264
.NET Framework 4.6.2, 4.7, 4.7.1, or 4.7.2 KB5011329
Windows Server 2012 R2
.NET Framework 4.8 KB5011266
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 KB5011263
.NET Framework 4.5.2 KB5011261
Windows Server 2012
.NET Framework 4.8 KB5011265
.NET Framework 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, or 4.7.2 KB5011262
.NET Framework 4.5.2 KB5011260
The prolonged duration of this fix highlights the critical nature of Active Directory trust relationships for enterprise network stability and security. Issues impacting these services can lead to significant disruptions in resource accessibility and inter-domain communication. The manual deployment requirement also emphasizes the need for IT professionals to proactively manage their server update strategies, especially for critical infrastructure components like the .NET Framework.
