Release Date:
February 9, 2021Version: .NET Framework 3.5 and 4.8
This security update addresses a denial of service vulnerability in .NET Framework. For more information please see CVE-2021-24111.
Symptom| After installing this update, WPF apps may crash with a callstack similar to`
Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef)
at System.Windows.Interop.HwndMouseInputProvider.GetEffectiveClientRect(IntPtr)
at System.Windows.Interop.HwndMouseInputProvider.PossiblyDeactivate(IntPtr, Boolean)
at System.Windows.Interop.HwndMouseInputProvider.Dispose()
`This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
â|â
Workaround| This issue was resolved in KB4601554.
Install this update****Release Channel | Available | Next Step |
---|---|---|
Windows Update and Microsoft Update | Yes | None. This update will be downloaded and installed automatically from Windows Update. |
Microsoft Update Catalog | Yes | To get the standalone package for this update, go to the Microsoft Update Catalog website. |
Windows Server Update Services (WSUS) | Yes | This update will automatically sync with WSUS if you configure Products and Classifications as follows:Product: Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, and Windows Server, version 20H2Classification: Security Updates File informationFor a list of the files that are provided in this update, download the file information for cumulative update. |