Release Date:
February 9, 2021Version: .NET Framework 3.5, 4.7.2 and 4.8
Security ImprovementsThis security update addresses a denial of service vulnerability in .NET Framework. For more information please see CVE-2021-24111.Quality ImprovementsFor a list of improvements that were released with this update, please see the article links in the Additional Information section of this article.
Symptom| After installing this update, WPF apps may crash with a callstack similar to`
Exception Info: System.NullReferenceException at System.Windows.Interop.HwndMouseInputProvider.HasCustomChrome(System.Windows.Interop.HwndSource, RECT ByRef)
at System.Windows.Interop.HwndMouseInputProvider.GetEffectiveClientRect(IntPtr)
at System.Windows.Interop.HwndMouseInputProvider.PossiblyDeactivate(IntPtr, Boolean)
at System.Windows.Interop.HwndMouseInputProvider.Dispose()
`This occurs when disposing an HwndSource whose RootVisual is null, a situation that arises in Visual Studio when docking or splitting windows, and could arise in other apps.
â|â
Workaround| This issue was resolved in KB4601558 for .NET Framework 4.7.2, and KB4601555 for .NET Framework 4.8.
The following articles contain additional information about this update as it relates to individual product versions.