Today marks the first release of the new .NET Framework Monthly Rollup. Here’s what went into the release:
Microsoft Security Bulletin MS16-120 – Important: Security Update for Microsoft Graphics Component (3192884)
This update resolves vulnerabilities in Microsoft Windows, Microsoft Office, Skype for Business, Silverlight, Microsoft Lync, and the Microsoft .NET Framework. The vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. This update addresses the vulnerabilities by correcting how the Windows font library handles embedded fonts. To learn more about the vulnerability, see Microsoft Security Bulletin MS16-120.
This release contains all of the quality updates shipped to date for the .NET Framework 4.x. These updates provides important reliability improvements, based on customer-reported issues. These updates have previously been called limited distribution release (LDR) updates, if you are more familiar with that term.
The release does not contain quality updates for the .NET Framework 3.5.
How to download the update
The product improvements are available in two flavors:
- Security and Quality Rollup (recommended for most users)
- Security-Only Update
The .NET Framework Security and Quality Rollup is available on Windows Update, Windows Server Update Services and Microsoft Update Catalog.
The Security-Only Update is available on Windows Server Update Services and Microsoft Update Catalog.