Runtime Changes for Migration from .NET Framework 4.5 to 4.6.2

Introduction

Runtime changes affect all apps that are running under a .NET Framework it was not compiled against and that use a particular feature.

In the topics that describe runtime changes, we have classified individual items by their expected impact, as follows:

Major This is a significant change that affects a large number of apps or that requires substantial modification of code.

Minor This is a change that affects a small number of apps or that requires minor modification of code.

Edge case This is a change that affects apps under very specific scenarios that are not common.

Transparent This is a change that has no noticeable effect on the app's developer or user. The app should not require modification because of this change.

If you are migrating from the .NET Framework 4.5 to 4.6.2, review the following topics for application compatibility issues that may affect your app:

ADO.NET

ADO.NET now attempts to automatically reconnect broken SQL connections

Details Beginning in the .NET Framework 4.5.1, the .NET Framework will attempt to automatically reconnect broken SQL connections. Although this will typically make apps more reliable, there are edge cases in which an app needs to know that the connection was lost so that it can take some action upon reconnection.
Suggestion If this feature is undesirable due to compatibility concerns, it can be disabled by setting the ConnectRetryCount property of a connection string (or SqlConnectionStringBuilder) to 0.
Scope Edge
Version 4.5.1
Type Runtime
Affected APIs

ASP.NET

ASP.NET MVC now escapes spaces in strings passed in via route parameters

Details In order to conform to RFC 2396, spaces in route paths are now escaped when populating action parameters from a route. So, whereas /controller/action/some data would previously match the route /controller/action/{data} and provide some data as the data parameter, it will now provide some%20data instead.
Suggestion Code should be updated to unescape string parameters from a route. If the original URI is needed, it can be accessed with the RequestUri.OriginalString API.
Scope Minor
Version 4.5.2
Type Runtime
Affected APIs

GridViews with AllowCustomPaging set to true may fire the PageIndexChanging event when leaving the final page of the view

Details A bug in the .NET Framework 4.5 causes PageIndexChanging to sometimes not fire for GridViews that have enabled AllowCustomPaging.
Suggestion This issue has been fixed in the .NET Framework 4.6 and may be addressed by upgrading to that version of the .NET Framework. As a work-around, the app can do an explicit BindGrid on any Page_Load that would hit these conditions (the GridView is on the last page and LastPageSize is different from PageSize). Alternatively, the app can be modified to allow paging (instead of custom paging), as that scenario does not demonstrate the problem.
Scope Minor
Version 4.5
Type Runtime
Affected APIs

No longer able to set EnableViewStateMac to false

Details ASP.NET no longer allows developers to specify <pages enableViewStateMac="false"/> or <@Page EnableViewStateMac="false" %>. The view state message authentication code (MAC) is now enforced for all requests with embedded view state. Only apps that explicitly set the EnableViewStateMac property to false are affected.
Suggestion EnableViewStateMac must be assumed to be true, and any resulting MAC errors must be resolved (as explained in this guidance, which contains multiple resolutions depending on the specifics of what is causing MAC errors).
Scope Major
Version 4.5.2
Type Runtime

Profiling ASP.Net MVC4 apps can lead to Fatal Execution Engine Error

Details Profilers using NGEN /Profile assemblies may crash profiled ASP.NET MVC4 applications on startup with a 'Fatal Execution Engine Exception'
Suggestion This issue is fixed in the .NET Framework 4.5.2. Alternatively, the profiler may avoid this issue by specifying COR_PRF_DISABLE_ALL_NGEN_IMAGES in its event mask.
Scope Edge
Version 4.5
Type Runtime

Core

AppDomainSetup.DynamicBase is no longer randomized by UseRandomizedStringHashAlgorithm

Details Prior to the .NET Framework 4.6, the value of DynamicBase would be randomized between application domains, or between processes, if UseRandomizedStringHashAlgorithm was enabled in the app's config file. Beginning in the .NET Framework 4.6, DynamicBase will return a stable result between different instances of an app running, and between different app domains. Dynamic bases will still differ for different apps; this change only removes the random naming element for different instances of the same app.
Suggestion Be aware that enabling UseRandomizedStringHashAlgorithm will not result in DynamicBase being randomized. If a random base is needed, it must be produced in your app's code rather than via this API.
Scope Edge
Version 4.6
Type Runtime
Affected APIs

Calling Attribute.GetCustomAttributes on an indexer property no longer throws AmbiguousMatchException if the ambiguity can be resolved by index's type

Details Prior to the .NET Framework 4.6, calling GetCustomAttribute(s) on an indexer property which differed from another property only by the type of the index would result in an AmbiguousMatchException. Beginning in the .NET Framework 4.6, the property's attributes will be correctly returned.
Suggestion Be aware that GetCustomAttribute(s) will work more frequently now. If an app was previously relying on the AmbiguousMatchException, reflection should now be used to explicitly look for multiple indexers, instead.
Scope Edge
Version 4.6
Type Runtime
Affected APIs

ConcurrentQueue<T>.TryPeek can return an erroneous null via its out parameter

Details In some multi-threaded scenarios, TryPeek(T) can return true, but populate the out parameter with a null value (instead of the correct, peeked value).
Suggestion This issue is fixed in the .NET Framework 4.5.1. Upgrading to that Framework will solve the issue.
Scope Major
Version 4.5
Type Runtime
Affected APIs

Deserialization of objects across appdomains can fail

Details In some cases, when an app uses two or more app domains with different application bases, trying to deserialize objects in the logical call context across app domains throws an exception.
Suggestion See Mitigation: Deserialization of Objects Across App Domains
Scope Edge
Version 4.5.1
Type Runtime

ETW EventListeners do not capture events from providers with explicit keywords (like the TPL provider)

Details ETW EventListeners with a blank keyword mask do not properly capture events from providers with explicit keywords. In the .NET Framework 4.5, the TPL provider began providing explicit keywords and triggered this issue. In the .NET Framework 4.6, EventListeners have been updated to no longer have this issue.
Suggestion To work around this problem, replace calls to EnableEvents(EventSource, EventLevel) with calls to the EnableEvents overload that explicitly specifies the "any keywords" mask to use: EnableEvents(eventSource, level, unchecked((EventKeywords)0xFFFFffffFFFFffff)).Alternatively, this issue has been fixed in the .NET Framework 4.6 and may be addressed by upgrading to that version of the .NET Framework.
Scope Edge
Version 4.5
Type Runtime
Affected APIs

EventListener truncates strings with embedded nulls

Details EventListener truncates strings with embedded nulls. Null characters are not supported by the EventSource class. The change only affects apps that use EventListener to read EventSource data in process and that use null characters as delimiters.
Suggestion EventSource data should be updated, if possible, to not use embedded null characters.
Scope Edge
Version 4.5.1
Type Runtime
Affected APIs

EventSource.WriteEvent impls must pass WriteEvent the same parameters that it received (plus ID)

Details The runtime now enforces the contract that specifies the following: A class derived from EventSource that defines an ETW event method must call the base class EventSource.WriteEvent method with the event ID followed by the same arguments that the ETW event method was passed.
Suggestion An IndexOutOfRangeException exception is thrown if an EventListener reads EventSource data in process for an event source that violates this contract.
Scope Minor
Version 4.5.1
Type Runtime

Marshal.SizeOf and Marshal.PtrToStructure overloads break dynamic code

Details Beginning in the .NET Framework 4.5.1, dynamically binding to the methods SizeOf<T>(), SizeOf<T>(T), PtrToStructure(IntPtr, Object), PtrToStructure(IntPtr, Type), PtrToStructure<T>(IntPtr), or PtrToStructure<T>(IntPtr, T), (via Windows PowerShell, IronPython, or the C# dynamic keyword, for example) can result in MethodInvocationExceptions because new overloads of these methods have been added that may be ambiguous to the scripting engines.
Suggestion Update scripts to clearly indicate which overload should be used. This can typically done by explicitly casting the methods' type parameters as Type. See this link for more detail and examples of how to workaround the issue.
Scope Minor
Version 4.5.1
Type Runtime

Persian calendar now uses the Hijri solar algorithm

Details Starting with the .NET Framework 4.6, the PersianCalendar class uses the Hijri solar algorithm. Converting dates between the PersianCalendar and other calendars may produce a slightly different result beginning with the .NET Framework 4.6 for dates earlier than 1800 or later than 2023 (Gregorian).Also, PersianCalendar.MinSupportedDateTime is now March 22, 0622 instead of March 21, 0622.
Suggestion Be aware that some early or late dates may be slightly different when using the PersianCalendar in .NET Framework 4.6. Also, when serializing dates between processes which may run on different .NET Framework versions, do not store them as PersianCalendar date strings (since those values may be different).
Scope Minor
Version 4.6
Type Runtime
Affected APIs

Reflection objects can no longer be passed from managed code to out-of-process DCOM clients

Details Reflection objects can no longer be passed from managed code to out-of-process DCOM clients. The following types are affected:Calls to IMarshal for the object return E_NOINTERFACE.
Suggestion Update marshaling code to work with non-reflection objects
Scope Minor
Version 4.6
Type Runtime

Some .NET APIs cause first chance (handled) EntryPointNotFoundExceptions

Details In the .NET Framework 4.5, a small number of .NET methods began throwing first chance EntryPointNotFoundExceptions. These exceptions were handled within the .NET Framework, but could break test automation that did not expect the first chance exceptions. These same APIs break some ApiVerifier scenarios when HighVersionLie is enabled.
Suggestion This bug can be avoided by upgrading to .NET Framework 4.5.1. Alternatively, test automation can be updated to not break on first-chance EntryPointNotFoundExceptions.
Scope Edge
Version 4.5
Type Runtime
Affected APIs

TargetFrameworkName for default app domain no longer defaults to null if not set

Details The TargetFrameworkName was previously null in the default app domain, unless it was explicitly set. Beginning in 4.6, the TargetFrameworkName property for the default app domain will have a default value derived from the TargetFrameworkAttribute (if one is present). Non-default app domains will continue to inherit their TargetFrameworkName from the default app domain (which will not default to null in 4.6) unless it is explicitly overridden.
Suggestion Code should be updated to not depend on TargetFrameworkName defaulting to null. If it is required that this property continue to evaluate to null, it can be explicitly set to that value.
Scope Edge
Version 4.6
Type Runtime
Affected APIs

WinRT stream adapters no long call FlushAsync automatically on close

Details In Windows Store apps, Windows Runtime stream adapters no longer call the FlushAsync method from the Dispose method.
Suggestion This change should be transparent. Developers can restore the previous behavior by writing code like this:
using (var stream = GetWindowsRuntimeStream() as Stream)
{
// do something
await stream.FlushAsync();
}
Scope Transparent
Version 4.5.1
Type Runtime

X509Certificate2.ToString(Boolean) does not throw now when .NET cannot handle the certificate

Details In .NET Framework 4.5.2 and earlier versions, this method would throw if true was passed for the verbose parameter and there were certificates installed that weren't supported by the .NET Framework. Now, the method will succeed and return a valid string that omits the inaccessible portions of the certificate.
Suggestion Any code depending on X509Certificate2.ToString(Boolean) should be updated to expect that the returned string may exclude some certificate data (such as public key, private key, and extensions) in some cases in which the API would have previously thrown.
Scope Edge
Version 4.6
Type Runtime
Affected APIs

Data

ADO.NET now attempts to automatically reconnect broken SQL connections

Details Beginning in the .NET Framework 4.5.1, the .NET Framework will attempt to automatically reconnect broken SQL connections. Although this will typically make apps more reliable, there are edge cases in which an app needs to know that the connection was lost so that it can take some action upon reconnection.
Suggestion If this feature is undesirable due to compatibility concerns, it can be disabled by setting the ConnectRetryCount property of a connection string (or SqlConnectionStringBuilder) to 0.
Scope Edge
Version 4.5.1
Type Runtime
Affected APIs

Connection pool blocking period for Azure SQL databases is removed

Details Starting with the .NET Framework 4.6.2, for connection open requests to known Azure SQL databases (*.database.windows.net, *.database.chinacloudapi.cn, *.database.usgovcloudapi.net, *.database.cloudapi.de), the connection pool blocking period is removed, and connection open errors are not cached. Attempts to retry connection open requests will occur almost immediately after transient connection errors. This change allows the connection open attempt to be retried immediately for Azure SQL databases, thereby improving the performance of cloud- enabled apps. For all other connection attempts, the connection pool blocking period continues to be enforced.

In the .NET Framework 4.6.1 and earlier versions, when an app encounters a transient connection failure when connecting to a database, the connection attempt cannot be retried quickly, because the connection pool caches the error and re-throws it for 5 seconds to 1 minute. For more information, see SQL Server Connection Pooling (ADO.NET). This behavior is problematic for connections to Azure SQL databases, which often fail with transient errors that are typically recovered from within a few seconds. The connection pool blocking feature means that the app cannot connect to the database for an extensive period, even though the database is available and the app needs to render within a few seconds.

Suggestion If this behavior is undesirable, the connection pool blocking period can be configured by setting the PoolBlockingPeriod property introduced in the .NET Framework 4.6.2. The value of the property is a member of the PoolBlockingPeriod enumeration that can take either of three values:The previous behavior can be restored by setting the PoolBlockingPeriod property to AlwaysBlock.
Scope Minor
Version 4.6.2
Type Runtime
Affected APIs

SqlConnection.Open fails on Windows 7 with non-IFS Winsock BSP or LSP present

Details Open() and OpenAsync(CancellationToken) fail in the .NET Framework 4.5 if running on a Windows 7 machine with a non-IFS Winsock BSP or LSP are present on the computer.To determine whether a non-IFS BSP or LSP is installed, use the netsh WinSock Show Catalog command, and examine every Winsock Catalog Provider Entry item that is returned. If the Service Flags value has the 0x20000 bit set, the provider uses IFS handles and will work correctly. If the 0x20000 bit is clear (not set), it is a non-IFS BSP or LSP.
Suggestion This bug has been fixed in the .NET Framework 4.5.2, so it can be avoided by upgrading the .NET Framework. Alternatively, it can be avoided by removing any installed non-IFS Winsock LSPs.
Scope Minor
Version 4.5
Type Runtime
Affected APIs

Debugger

Null coalescer values are not visible in debugger until one step later

Details A bug in the .NET Framework 4.5 causes values set via a null coalescing operation to not be visible in the debugger immediately after the assignment operation is executed when running on the 64-bit version of the Framework.
Suggestion Stepping one additional time in the debugger will cause the local/field's value to be correctly updated. Also, this issue has been fixed in the .NET Framework 4.6; upgrading to that version of the Framework should solve the issue.
Scope Edge
Version 4.5
Type Runtime

Entity Framework

EF no longer throws for QueryViews with specific characteristics

Details Entity Framework no longer throws a StackOverflowException exception when an app executes a query that involves a QueryView with a 0..1 navigation property that attempts to include the related entities as part of the query. For example, by calling .Include(e => e.RelatedNavProp).
Suggestion This change only affects code that uses QueryViews with 1-0..1 relationships when running queries that call .Include. It improves reliability and should be transparent to almost all apps. However, if it causes unexpected behavior, you can disable it by adding the following entry to the <appSettings> section of the app's configuration file:
<add key="EntityFramework_SimplifyUserSpecifiedViews" value="false" />
Scope Edge
Version 4.5.2
Type Runtime

Opt-in break to revert from different 4.5 SQL generation to simpler 4.0 SQL generation

Details Queries that produce JOIN statements and contain a call to a limiting operation without first using OrderBy now produce simpler SQL. After upgrading to .NET Framework 4.5, these queries produced more complicated SQL than previous versions.
Suggestion This feature is disabled by default. If Entity Framework generates extra JOIN statements that cause performance degradation, you can enable this feature by adding the following entry to the <appSettings> section of the application configuration (app.config) file:
<add key="EntityFramework_SimplifyLimitOperations" value="true" />
Scope Transparent
Version 4.5.2
Type Runtime

Globalization

Unicode standard version 8.0 categories now supported

Details In .NET Framework 4.6.2, Unicode data has been upgraded from Unicode Standard version 6.3 to version 8.0. When requesting Unicode character categories in .NET Framework 4.6.2, some results might not match the results in previous .NET Framework versions. This change mostly affects Cherokee syllables and New Tai Lue vowels signs and tone marks.
Suggestion Review code and remove/change logic that depends on hard-coded Unicode character categories.
Scope Minor
Version 4.6.2
Type Runtime
Affected APIs

Networking

ContentDisposition DateTimes returns slightly different string

Details String representations of ContentDisposition's have been updated, beginning in 4.6, to always represent the hour component of a DateTime with two digits. This is to comply with RFC822 and RFC2822. This causes ToString() to return a slightly different string in 4.6 in scenarios where one of the disposition's time elements was before 10:00 AM. Note that ContentDispositions are sometimes serialized via converting them to strings, so any ToString() operations, serialization, or GetHashCode calls should be reviewed.
Suggestion Do not expect that string representations of ContentDispositions from different .NET Framework versions will correctly compare to one another. Convert the strings back to ContentDispositions, if possible, before conducting a comparison.
Scope Minor
Version 4.6
Type Runtime
Affected APIs

Security

RSACng and DSACng are once again usable in Partial Trust scenarios

Details CngLightup (used in several higher-level crypto apis, such as System.Security.Cryptography.Xml.EncryptedXml) and System.Security.Cryptography.RSACng in some cases rely on full trust. These include P/Invokes without asserting SecurityPermissionFlag.UnmanagedCode permissions, and code paths where System.Security.Cryptography.CngKey has permission demands for SecurityPermissionFlag.UnmanagedCode. Starting with the .NET Framework 4.6.2, CngLightup was used to switch to System.Security.Cryptography.RSACng wherever possible. As a result, partial trust apps that successfully used System.Security.Cryptography.Xml.EncryptedXml began to fail and throw SecurityException exceptions.This change adds the required asserts so that all functions using CngLightup have the required permissions.
Suggestion If this change in the .NET Framework 4.6.2 has negatively impacted your partial trust apps, upgrade to the .NET Framework 4.7.1.
Scope Edge
Version 4.6.2
Type Runtime
Affected APIs

RSACng.VerifyHash now returns False for any verification failure

Details Starting with the .NET Framework 4.6.2, this method returns False if the signature itself is badly formatted. It now returns false for any verification failure.In the .NET Framework 4.6 and 4.6.1, the method throws a CryptographicException if the signature itself is badly formatted.
Suggestion Any code whose execution depends on handling the CryptographicException should instead execute if validation fails and the method returns False.
Scope Minor
Version 4.6.2
Type Runtime
Affected APIs

SignedXml and EncryptedXml Breaking Changes

Details In .NET Framework 4.6.2, Security fixes in SignedXml and EncryptedXml lead to different run-time behaviors. For example,
  • If a document has multiple elements with the same id attribute and a signature targets one of those elements as the root of the signature, the document will now be considered invalid.
  • Documents using non-canonical XPath transform algorithms in references are now considered invalid.
  • Documents using non-canonical XSLT transform algorithms in references are now consider invalid.
  • Any program making use of external resource detached signatures will be unable to do so.
Suggestion Developers might want to review the usage of XmlDsigXsltTransform and XmlDsigXsltTransform, as well as types derived from Transform since a document receiver may not be able to process it.
Scope Minor
Version 4.6.2
Type Runtime
Affected APIs

Serialization

Exception message has changed for failed DataContract serialization in case of an unknown type

Details Beginning in the .NET Framework 4.6, the exception message given if a DataContractSerializer or DataContractJsonSerializer fails to serialize or deserialize due to missing 'known types' has been clarified.
Suggestion Apps should not depend on specific exception messages. If an app depends on this message, either update it to expect the new message or (preferably) change it to depend only on the exception type.
Scope Edge
Version 4.6
Type Runtime
Affected APIs

NetDataContractSerializer fails to deserialize a ConcurrentDictionary serialized with a different .NET version

Details By design, the NetDataContractSerializer can be used only if both the serializing and deserializing ends share the same CLR types. Therefore, it is not guaranteed that an object serialized with one version of the .NET Framework can be deserialized by a different version.ConcurrentDictionary<TKey,TValue> is a type that is known to not to deserialize correctly if serialized with the .NET Framework 4.5 or earlier and deserialized with the .NET Framework 4.5.1 or later.
Suggestion There are a number of possible work-arounds for this issue:
Scope Minor
Version 4.5.1
Type Runtime
Affected APIs

Setup and Deployment

Product versioning changes in the .NET Framework 4.6 and later versions

Details Product versioning has changed from the previous releases of the .NET Framework, and particularly from the .NET Framework 4, 4.5, 4.5.1, and 4.5.2.The following are the detailed changes:
  • The value of the Version entry in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full key has changed to 4.6.xxxxx for the .NET Framework 4.6 and its point releases, and to 4.7.xxxxx for the .NET Framework 4.7 and 4.7.1. In the .NET Framework 4.5, 4.5.1, and 4.5.2, it had the format 4.5.xxxxx.
  • The file and product versioning for .NET Framework files has changed from the earlier versioning scheme of 4.0.30319.x to 4.6.X.0 for the .NET Framework 4.6 and its point releases, and to 4.7.X.0 for the .NET Framework 4.7 and 4.7.1. You can see these new values when you view the file's Properties after right-clicking on a file.
  • The AssemblyFileVersionAttribute and AssemblyInformationalVersionAttribute attributes for managed assemblies have Version values in the form 4.6.X.0 for the .NET Framework 4.6 and its point releases, and 4.7.X.0 for the .NET Framework 4.7 and 4.7.1.
  • In the .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1, the Environment.Version property returns the fixed version string 4.0.30319.42000. In the .NET Framework 4, 4.5, 4.5.1, and 4.5.2, it returns version strings in the format 4.0.30319.xxxxx (for example, "4.0.30319.18010"). Note that we do not recommend application code taking any new dependency on the Environment.Version property.
For more information, see How to: Determine which .NET Framework Versions Are Installed.
Suggestion In general, applications should depend on the recommended techniques for detecting such things as the runtime version of the .NET Framework and the installation directory:
[!IMPORTANT] The subkey name is NET Framework Setup, not .NET Framework Setup.
  • To determine the directory path to the .NET Framework common language runtime, call the RuntimeEnvironment.GetRuntimeDirectory() method.
  • To get the CLR version, call the RuntimeEnvironment.GetSystemVersion() method. For the .NET Framework 4 and its point releases (the .NET Framework 4.5, 4.5.1, 4.5.2, and .NET Framework 4.6, 4.6.1, 4.6.2, 4.7, and 4.7.1), it returns the string v4.0.30319.
Scope Minor
Version 4.6
Type Runtime

The .NET Framework 4.6 does not use a 4.5.x.x version when registering itself in the registry

Details As one might expect, the version key set in the registry (at HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\NET Framework Setup\NDP\v4\Full) for the .NET Framework 4.6 begins with '4.6', not '4.5'. Apps that depend on these registry keys to know which .NET Framework versions are installed on a machine should be updated to understand that 4.6 is a new possible version, and one that is compatible with previous 4.5.x releases.
Suggestion Update apps probing for a .NET Framework 4.5 install by looking for 4.5 registry keys to also accept 4.6.
Scope Edge
Version 4.6
Type Runtime

Tools

Contract.Invariant or Contract.Requires<TException> do not consider String.IsNullOrEmpty to be pure

Details For apps that target the .NET Framework 4.6.1, if the invariant contract for Contract.Invariant or the precondition contract for Requires calls the String.IsNullOrEmpty method, the rewriter emits compiler warning CC1036: "Detected call to method 'System.String.IsNullOrWhteSpace(System.String)' without [Pure] in method." This is a compiler warning rather than a compiler error.
Suggestion This behavior was addressed in GitHub Issue #339. To eliminate this warning, you can download and compile an updated version of the source code for the Code Contracts tool from GitHub. Download information is found at the bottom of the page.
Scope Minor
Version 4.6.1
Type Runtime
Affected APIs

Windows Communication Foundation (WCF)

MinFreeMemoryPercentageToActiveService is now respected

Details This setting establishes the minimum memory that must be available on the server before a WCF service can be activated. It is designed to prevent OutOfMemoryException exceptions. In the .NET Framework 4.5, this setting had no effect. In the .NET Framework 4.5.1, the setting is observed.
Suggestion An exception occurs if the free memory available on the web server is less than the percentage defined by the configuration setting. Some WCF services that successfully started and ran in a constrained memory environment may now fail.
Scope Minor
Version 4.5.1
Type Runtime

Remove Ssl3 from the WCF TransportDefaults

Details When using NetTcp with transport security and a credential type of certificate, the SSL 3 protocol is no longer a default protocol used for negotiating a secure connection. In most cases there should be no impact to existing apps as TLS 1.0 has always been included in the protocol list for NetTcp. All existing clients should be able to negotiate a connection using at least TLS1.0.
Suggestion If Ssl3 is required, use one of the following configuration mechanisms to add Ssl3 to the list of negotiated protocols.
  • SslProtocols
  • SslProtocols
  • <
  • [<sslStreamSecurity> section of <customBinding>]~/docs/framework/configure-apps/file-schema/wcf/sslstreamsecurity.md)
Scope Edge
Version 4.6.2
Type Runtime
Affected APIs

WCF services that use NETTCP with SSL security and MD5 certificate authentication

Details The .NET Framework 4.6 adds TLS 1.1 and TLS 1.2 to the WCF SSL default protocol list. When both client and server machines have the .NET Framework 4.6 or later installed, TLS 1.2 is used for negotiation.TLS 1.2 does not support MD5 certificate authentication. As a result, if a customer uses an MD5 certificate, the WCF client will fail to connect to the WCF service.
Suggestion You can work around this issue so that a WCF client can connect to a WCF server by doing any of the following:
  • Update the certificate to not use the MD5 algorithm. This is the recommended solution.
  • If the binding is not dynamically configured in source code, update the application's configuration file to use TLS 1.1 or an earlier version of the protocol. This allows you to continue to use a certificate with the MD5 hash algorithm.
[!WARNING] This workaround is not recommended, since a certificate with the MD5 hash algorithm is considered insecure.
The following configuration file does this:
<configuration>
<system.serviceModel>
<bindings>
<netTcpBinding>
<binding>
<security mode= "None/Transport/Message/TransportWithMessageCredential" >
<transport clientCredentialType="None/Windows/Certificate"
protectionLevel="None/Sign/EncryptAndSign"
sslProtocols="Ssl3/Tls1/Tls11">
</transport>
</security>
</binding>
</netTcpBinding>
</bindings>
</system.ServiceModel>
</configuration>
[!WARNING] This workaround is not recommended, since a certificate with the MD5 hash algorithm is considered insecure.
Scope Minor
Version 4.6
Type Runtime

Windows Presentation Foundation (WPF)

Accessing a WPF DataGrid's selected items from a handler of the DataGrid's UnloadingRow event can cause a NullReferenceException

Details Due to a bug in the .NET Framework 4.5, event handlers for DataGrid events involving the removal of a row can cause a NullReferenceException to be thrown if they access the DataGrid's SelectedItem or SelectedItems properties.
Suggestion This issue has been fixed in the .NET Framework 4.6 and may be addressed by upgrading to that version of the .NET Framework.
Scope Minor
Version 4.5
Type Runtime
Affected APIs

Calling DataGrid.CommitEdit from a CellEditEnding handler drops focus

Details Calling CommitEdit() from one of the DataGrid's CellEditEnding event handlers causes the DataGrid to lose focus.
Suggestion This bug has been fixed in the .NET Framework 4.5.2, so it can be avoided by upgrading the .NET Framework. Alternatively, it can be avoided by explicitly re-selecting the DataGrid after calling CommitEdit().
Scope Edge
Version 4.5
Type Runtime
Affected APIs

Calling Items.Refresh on a WPF ListBox, ListView, or DataGrid with items selected can cause duplicate items to appear in the element

Details In the .NET Framework 4.5, calling ListBox.Items.Refresh from code while items are selected in a ListBox can cause the selected items to be duplicated in the list. A similar issue occurs with ListView and DataGrid. This is fixed in the .NET Framework 4.6.
Suggestion This issue may be worked around by programatically unselecting items before Refresh() is called and then re-selecting them after the call is completed. Alternatively, this issue has been fixed in the .NET Framework 4.6 and may be addressed by upgrading to that version of the .NET Framework.
Scope Minor
Version 4.5
Type Runtime
Affected APIs

Changing the IsEnabled property of the parent of a TextBlock control affects any child controls

Details Starting with the .NET Framework 4.6.2, changing the IsEnabled property of the parent of a TextBlock control affects any child controls (such as hyperlinks and buttons) of the TextBlock control.In the .NET Framework 4.6.1 and earlier versions, controls inside a TextBlock did not always reflect the state of the IsEnabled property of the TextBlock parent.
Suggestion None. This change conforms to the expected behavior for controls inside a TextBlock control.
Scope Minor
Version 4.6.2
Type Runtime
Affected APIs

DataGridCellsPanel.BringIndexIntoView throws ArgumentOutOfRangeException

Details ScrollIntoView(Object) will work asynchronously when column virtualization is enabled but the column widths have not yet been determined. If columns are removed before the asynchronous work happens, an ArgumentOutOfRangeException can occur.
Suggestion Any one of the following:
  1. Upgrade to .NET Framework 4.7.
  2. Install the latest servicing patch for .NET Framework 4.6.2.
  3. Avoid removing columns until the asynchronous response to ScrollIntoView(Object) has completed.
Scope Edge
Version 4.6.2
Type Runtime
Affected APIs

Horizontal scrolling and virtualization

Details This change applies to an ItemsControl that does its own virtualization in the direction orthogonal to the main scrolling direction (the chief example is DataGrid with EnableColumnVirtualization="True"). The outcome of certain horizontal scrolling operations has been changed to produce results that are more intuitive and more analogous to the results of comparable vertical operations.

The operations include "Scroll Here" and "Right Edge", to use the names from the menu obtained by right-clicking a horizontal scrollbar. Both of these compute a candidate offset and call SetHorizontalOffset(Double).

After scrolling to the new offset, the notion of "here" or "right edge" may have changed because newly de-virtualized content has changed the value of ExtentWidth.

Prior to .NET Framework 4.6.2, the scroll operation simply uses the candidate offset, even though it may not be "here" or at the "right edge" any more. This results in effects like "bouncing" the scroll thumb, best illustrated by example. Suppose a DataGrid has ExtentWidth=1000 and Width=200. A scroll to "Right Edge" uses candidate offset 1000 - 200 = 800. While scrolling to that offset, new columns are de- virtualized; let's suppose they are very wide, so that the ExtentWidth changes to 2000. The scroll ends with HorizontalOffset=800, and the thumb "bounces" back to near the middle of the scrollbar - precisely at 800/2000 = 40%.

The change is to recompute a new candidate offset when this situation occurs, and try again. (This is how vertical scrolling works already.)

The change produces a more predictable and intuitive experience for the end user, but it could also affect any app that depends on the exact value of HorizontalOffset after a horizontal scroll, whether invoked by the end user or by an explicit call to SetHorizontalOffset(Double).

Suggestion An app that uses a predicted value for HorizontalOffset should be changed to fetch the actual value (and the value of ExtentWidth) after any horizontal scroll that could change ExtentWidth due to de-virtualization.
Scope Minor
Version 4.6.2
Type Runtime
Affected APIs

Intermittently unable to scroll to bottom item in ItemsControls (like ListBox and DataGrid) when using custom DataTemplates

Details In some instances, a bug in the .NET Framework 4.5 is causing ItemsControls (like ListBox, ComboBox, DataGrid, etc.) to not scroll to their bottom item when using custom DataTemplates. If the scrolling is attempted a second time (after scrolling back up), it will work then.
Suggestion This issue has been fixed in the .NET Framework 4.5.2 and may be addressed by upgrading to that version (or a later version) of the .NET Framework. Alternatively, users can still drag scroll bars to the final items in these collections, but may need to try twice to do so successfully.
Scope Minor
Version 4.5
Type Runtime

Items.Clear does not remove duplicates from SelectedItems

Details Suppose a Selector (with multiple selection enabled) has duplicates in its SelectedItems collection - the same item appears more than once. Removing those items from the data source (e.g. by calling Items.Clear) fails to remove them from SelectedItems; only the first instance is removed. Furthermore, subsequent use of SelectedItems (e.g. SelectedItems.Clear()) can encounter problems such as ArgumentException, because SelectedItems contains items that are no longer in the data source.
Suggestion Upgrade if possible to .NET Framework 4.6.2.
Scope Minor
Version 4.5
Type Runtime
Affected APIs

ListBoxItem IsSelected binding issue with ObservableCollection<T>.Move

Details Calling Move(Int32, Int32) or MoveItem(Int32, Int32) on a collection bound to a ListBox with items selected can lead to erratic behavior with future selection or unselection of ListBox items.
Suggestion Calling Remove(T) and Insert(Int32, T) instead of Move(Int32, Int32) will work around this issue. Alternatively, this issue has been fixed in the .NET Framework 4.6 and may be addressed by upgrading to that version of the .NET Framework.
Scope Minor
Version 4.5
Type Runtime
Affected APIs

ObjectDisposedException thrown by WPF spellchecker

Details WPF applications occasionally crash during application shutdown with an ObjectDisposedException thrown by the spellchecker. This is fixed in .NET Framework 4.7 WPF by handling the exception gracefully, and thus ensuring that applications are no longer adversely affected. It should be noted that occasional first-chance exceptions would continue to be observed in applications running under a debugger.
Suggestion Upgrade to .NET Framework 4.7
Scope Edge
Version 4.6.1
Type Runtime

RibbonGroup background is set to transparent in localized builds

Details RibbonGroup background on localized builds was always painted with Transparent brush, resulting in poor UI experience. This is fixed in .NET Framework 4.7 WPF fix by updating the localized resources for RibbonGroup, which in turn ensures that the correct brush is selected.
Suggestion Upgrade to .NET Framework 4.7
Scope Edge
Version 4.6.2
Type Runtime

Right clicking on a WPF DataGrid row header changes the DataGrid selection

Details Right-clicking a selected DataGrid row header while multiple rows are selected results in the DataGrid's selection changing to only that row.
Suggestion This issue has been fixed in the .NET Framework 4.6 and may be addressed by upgrading to that version of the .NET Framework.
Scope Edge
Version 4.5
Type Runtime
Affected APIs

Scrolling a WPF TreeView or grouped ListBox in a VirtualizingStackPanel can cause a hang

Details In the .NET Framework v4.5, scrolling a WPF TreeView in a virtualized stack panel can cause hangs if there are margins in the viewport (between the items in the TreeView, for example, or on an ItemsPresenter element). Additionally, in some cases, different sized items in the view can cause instability even if there are no margins.
Suggestion This bug can be avoided by upgrading to .NET Framework 4.5.1. Alternatively, margins can be removed from view collections (like TreeViews) within virtualized stack panels if all contained items are the same size.
Scope Major
Version 4.5
Type Runtime
Affected APIs

WPF spell checking in text-enabled controls will not work in Windows 10 for languages not in the OS's input language list

Details When running on Windows 10, the spell checker may not work for WPF text-enabled controls because platform spell-checking capabilities are available only for languages present in the input languages list.In Windows 10, when a language is added to the list of available keyboards, Windows automatically downloads and installs a corresponding Feature on Demand (FOD) package that provides spell-checking capabilities. By adding the language to the input languages list, the spell checker will be supported.
Suggestion Be aware that the language or text to be spell-checked must be added as an input language for spell-checking to work in Windows 10.
Scope Edge
Version 4.6
Type Runtime

WPF windows are rendered without clipping when extending outside a single monitor

Details In the .NET Framework 4.6 running on Windows 8 and above, the entire window is rendered without clipping when it extends outside of single display in a multi-monitor scenario. This is different from previous versions of the .NET Framework which would clip WPF windows that extended beyond a single display.
Suggestion This behavior (whether to clip or not) can be explicitly set using the <EnableMultiMonitorDisplayClipping> element in <appSettings> in an application's configuration file, or by setting the EnableMultiMonitorDisplayClipping property at app startup.
Scope Minor
Version 4.6
Type Runtime