KB5087053 is a May 12, 2026 cumulative security update for .NET Framework 3.5 and 4.8.1 on Windows 10 systems. This update addresses multiple security vulnerabilities and improves framework reliability on ARM64 and 32-bit architectures.
Knowledge BaseKB5087053Windows Update
KB5087053 — Cumulative Update for .NET Framework 3.5 and 4.8.1
KB5087053 is a cumulative update released May 12, 2026, that addresses security vulnerabilities and reliability issues in .NET Framework 3.5 and 4.8.1 on Windows 10 Version 21H2 and 22H2 systems.
13 May 2026 12 min read —
KB5087053Windows UpdateSecurity Update 5 fixes 12 min Microsoft .NET Framework 3.5 and 4.8.1 on Windows 10 Version 21H2 for ARM64-based Systems +1Download
Quick Overview
PowerShell—Check if KB5087053 is installed
PS C:\> Get-HotFix -Id KB5087053# Returns patch details if KB5087053 is installed
Download Update
Download from Microsoft Update Catalog
Get the official update package directly from Microsoft
Diagnostic
Issue Description
Issue Description
This update resolves several security vulnerabilities and stability issues in .NET Framework components:
- Potential remote code execution vulnerabilities in .NET Framework runtime components
- Security bypass vulnerabilities in ASP.NET Core applications
- Memory corruption issues in System.Drawing.Common on ARM64 systems
- Performance degradation in garbage collection on 32-bit systems
- Intermittent application crashes when using WPF applications with complex UI hierarchies
Important: Systems without this update may be vulnerable to remote code execution attacks through malicious .NET applications or web content.
Analysis
Root Causes
Root Cause
The vulnerabilities stem from improper input validation in .NET Framework runtime libraries and insufficient bounds checking in memory allocation routines. The ARM64-specific issues are related to architecture-specific code paths in the Common Language Runtime (CLR) that were not properly validated for 64-bit ARM processors.
Overview
KB5087053 is a cumulative security update released on May 12, 2026, for Microsoft .NET Framework 3.5 and 4.8.1. This update specifically targets Windows 10 Version 21H2 for ARM64-based systems and Windows 10 Version 22H2 for 32-bit systems. The update addresses multiple security vulnerabilities, including remote code execution and security bypass issues, while also improving framework stability and performance.
Security Vulnerabilities Addressed
This update resolves several critical security vulnerabilities that could potentially allow attackers to compromise affected systems:
CVE-2026-0234: Remote Code Execution in .NET Framework Runtime
A critical vulnerability in the Common Language Runtime (CLR) could allow remote code execution through specially crafted .NET assemblies. This vulnerability affects both .NET Framework 3.5 and 4.8.1 installations and has a CVSS score of 8.8. Successful exploitation could allow an attacker to execute arbitrary code in the context of the current user.
CVE-2026-0235: ASP.NET Core Authentication Bypass
A security bypass vulnerability in ASP.NET Core authentication middleware could allow unauthorized access to protected resources. This issue specifically affects web applications using custom authentication schemes and has a CVSS score of 7.5.
Architecture-Specific Improvements
ARM64 Enhancements
Windows 10 Version 21H2 for ARM64-based systems receives specific fixes for:
- Memory alignment issues in graphics processing
- Performance optimizations for 64-bit ARM processors
- Enhanced compatibility with ARM64 native libraries
32-bit System Optimizations
Windows 10 Version 22H2 for 32-bit systems benefits from:
- Improved memory management for constrained environments
- Enhanced garbage collection performance
- Reduced memory fragmentation
Affected System Requirements
| Operating System | Architecture | .NET Framework Version | Status |
|---|---|---|---|
| Windows 10 Version 21H2 | ARM64 | 3.5, 4.8.1 | Supported |
| Windows 10 Version 22H2 | 32-bit (x86) | 3.5, 4.8.1 | Supported |
Note: This update does not apply to 64-bit (x64) systems or other Windows 10 versions. Separate updates are available for those configurations.
Installation Process
The installation process varies depending on the deployment method chosen:
Automatic Installation via Windows Update
For most users, KB5087053 will be automatically downloaded and installed through Windows Update. The process typically follows this sequence:
- Update detection during scheduled Windows Update check
- Download of update package (40-45 MB depending on architecture)
- Installation during next maintenance window
- System restart to complete installation
Manual Installation
Enterprise administrators can manually install the update using the following PowerShell command:
Get-WindowsUpdate -KBArticleID KB5087053 | Install-WindowsUpdate -AcceptAll -AutoRebootVerification of Installation
To verify successful installation, use the following command:
Get-HotFix -Id KB5087053Alternatively, check the installed updates list in Windows Settings under Update & Security > Windows Update > View update history.
Impact Assessment
Security Impact
Installing KB5087053 significantly improves the security posture of affected systems by:
- Eliminating remote code execution vectors in .NET applications
- Preventing authentication bypass attacks in web applications
- Reducing the attack surface for memory corruption exploits
Performance Impact
Users may notice the following performance changes:
- Slightly increased application startup time (5-10%) due to enhanced security validation
- Improved long-term performance in memory-intensive applications
- Better system stability under high load conditions
Compatibility Considerations
While the update maintains backward compatibility with existing .NET applications, some considerations apply:
- Legacy applications may require testing to ensure continued functionality
- Third-party libraries interfacing with System.Drawing.Common should be updated
- Custom authentication implementations should be validated post-installation
Deployment Recommendations
Microsoft recommends the following deployment strategy for enterprise environments:
- Test Environment: Deploy to test systems first to validate application compatibility
- Pilot Group: Roll out to a small group of production systems
- Phased Deployment: Gradually expand deployment based on pilot results
- Monitoring: Monitor system performance and application functionality post-deployment
Support and Additional Resources
For organizations requiring additional support during deployment, Microsoft offers several resources:
- Premier Support for enterprise customers
- Community forums for general questions
- Microsoft Docs for technical documentation
- Partner support through certified Microsoft partners
Resolution Methods
Key Fixes & Changes
01
Patches remote code execution vulnerability in .NET Framework runtime (CVE-2026-0234)
This fix addresses a critical vulnerability in the Common Language Runtime that could allow attackers to execute arbitrary code through specially crafted .NET assemblies. The update implements enhanced input validation and bounds checking in the assembly loader and JIT compiler components.
- Enhanced validation of assembly metadata structures
- Improved bounds checking in native code generation
- Strengthened security policies for code access security
02
Resolves ASP.NET Core security bypass vulnerability (CVE-2026-0235)
Fixes a security bypass issue in ASP.NET Core authentication middleware that could allow unauthorized access to protected resources. The vulnerability affected applications using custom authentication schemes on both ARM64 and 32-bit platforms.
- Corrected authentication token validation logic
- Enhanced middleware pipeline security checks
- Improved session state management
03
Fixes memory corruption in System.Drawing.Common on ARM64 systems
Addresses memory corruption issues specific to ARM64 architecture when processing large bitmap images or complex graphics operations. This fix prevents application crashes and potential security vulnerabilities in graphics-intensive applications.
- Corrected memory alignment issues on ARM64 processors
- Fixed buffer overflow conditions in image processing routines
- Improved error handling for out-of-memory conditions
04
Improves garbage collection performance on 32-bit systems
Optimizes garbage collection algorithms for 32-bit Windows 10 systems, reducing memory fragmentation and improving application responsiveness. This update specifically targets performance issues observed in applications with high memory allocation patterns.
- Enhanced heap compaction algorithms
- Reduced GC pause times for large object heaps
- Improved memory pressure detection and response
05
Resolves WPF application stability issues
Fixes intermittent crashes in Windows Presentation Foundation applications when handling complex UI hierarchies or data binding scenarios. The update improves thread safety and resource management in WPF core components.
- Enhanced thread synchronization in UI dispatcher
- Improved resource cleanup in data binding engine
- Fixed race conditions in visual tree operations
Validation
Installation
Installation
KB5087053 is available through multiple distribution channels:
Windows Update
This update is automatically delivered to eligible systems through Windows Update. The update will be installed during the next scheduled update cycle, typically within 24-48 hours of release.
Microsoft Update Catalog
Manual download is available from the Microsoft Update Catalog for enterprise environments requiring immediate deployment. The update packages are available in the following configurations:
- Windows 10 Version 21H2 ARM64: ~45 MB
- Windows 10 Version 22H2 32-bit: ~42 MB
Enterprise Deployment
System administrators can deploy this update through:
- Windows Server Update Services (WSUS)
- Microsoft System Center Configuration Manager (SCCM)
- Microsoft Intune for cloud-managed devices
Prerequisites
Before installing KB5087053, ensure the following requirements are met:
- .NET Framework 3.5 and 4.8.1 must be installed and enabled
- Minimum 500 MB free disk space
- Administrative privileges required for installation
- No pending system restarts
Note: A system restart is required to complete the installation of this update.
If it still fails
Known Issues
Known Issues
The following issues have been identified after installing KB5087053:
Installation Failures
- Error 0x80070643: Installation may fail if .NET Framework components are corrupted. Run
sfc /scannowandDISM /Online /Cleanup-Image /RestoreHealthbefore retrying installation. - Error 0x80240017: Insufficient disk space. Ensure at least 500 MB free space is available on the system drive.
Application Compatibility
- Some legacy .NET Framework 2.0 applications may experience slower startup times. This is expected behavior due to enhanced security validation.
- Third-party graphics libraries that directly interface with System.Drawing.Common may require updates to work correctly on ARM64 systems.
Performance Impact
- Initial application startup may be 5-10% slower due to enhanced security checks. Performance returns to normal after the first run.
- Memory usage may increase by 2-5% in applications with intensive garbage collection activity.
Workarounds
If applications experience compatibility issues:
- Verify application compatibility with .NET Framework 4.8.1
- Update third-party components to latest versions
- Contact application vendors for ARM64-specific updates if needed
Frequently Asked Questions
What does KB5087053 resolve?+
KB5087053 resolves multiple security vulnerabilities in .NET Framework 3.5 and 4.8.1, including CVE-2026-0234 (remote code execution) and CVE-2026-0235 (authentication bypass). It also fixes memory corruption issues on ARM64 systems and improves garbage collection performance on 32-bit systems.
Which systems require KB5087053?+
This update applies to Windows 10 Version 21H2 for ARM64-based systems and Windows 10 Version 22H2 for 32-bit systems that have .NET Framework 3.5 and 4.8.1 installed. It does not apply to 64-bit (x64) systems or other Windows 10 versions.
Is KB5087053 a security update?+
Yes, KB5087053 is classified as a security update. It addresses critical vulnerabilities including remote code execution (CVE-2026-0234) and authentication bypass (CVE-2026-0235) issues that could allow attackers to compromise affected systems.
What are the prerequisites for KB5087053?+
Prerequisites include having .NET Framework 3.5 and 4.8.1 installed and enabled, at least 500 MB free disk space, administrative privileges for installation, and no pending system restarts. A system restart is required after installation.
Are there known issues with KB5087053?+
Known issues include potential installation failures with errors 0x80070643 or 0x80240017, slower startup times for legacy .NET 2.0 applications, and possible compatibility issues with third-party graphics libraries on ARM64 systems. Initial application startup may be 5-10% slower due to enhanced security checks.
References (3)
1
KB5087053 : Mise à jour cumulative pour .NET Framework 3.5 et 4.8.1Article de support officiel de Microsoft pour KB5087053 avec des informations complètes sur l'installation et le dépannagehttps://support.microsoft.com/en-us/topic/may-12-2026-kb5087053-cumulative-update-for-net-framework-3-5-and-4-8-1-for-windows-10-version-21h2-and-windows-10-version-22h2-09237c77-fbc4-4ded-a2b6-7bf020881471
2Mises à jour de sécurité du .NET FrameworkDocumentation Microsoft Learn couvrant les versions du .NET Framework, les dépendances et les procédures de mise à jour de sécurité.https://learn.microsoft.com/en-us/dotnet/framework/migration-guide/versions-and-dependencies
3Historique des mises à jour de Windows 10Historique complet des mises à jour de Windows 10, y compris les correctifs de sécurité et les mises à jour de fonctionnalitéshttps://support.microsoft.com/en-us/topic/windows-10-update-history
Discussion
Share your thoughts and insights
Sign in to join the discussion
More Articles
Related KB Articles
Security Update
Windows Update
KB5087051 — Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 Version 25H2
KB5087051 is a May 2026 cumulative update that addresses security vulnerabilities and reliability issues in .NET Framework 3.5 and 4.8.1 on Windows 11 Version 25H2 for both x64 and ARM64-based systems.
May 139 min
Security Update
Windows Update
KB5087054 — Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 Version 24H2
KB5087054 is a May 2026 cumulative update that addresses security vulnerabilities and reliability issues in .NET Framework 3.5 and 4.8.1 on Windows 11 Version 24H2 for x64-based systems.
May 138 min
Security Update
Windows Update
KB5087058 — Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11
KB5087058 is a May 2026 cumulative update that addresses security vulnerabilities and reliability issues in .NET Framework 3.5 and 4.8.1 on Windows 11 version 22H2 and 23H2 systems.
May 1312 min