KB5087058 — Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11

Overview

KB5087058 is a cumulative security update released on May 12, 2026, for Microsoft .NET Framework 3.5 and 4.8.1 on Windows 11 systems. This update addresses multiple security vulnerabilities and improves framework stability on Windows 11 version 22H2 and 23H2 for x64-based systems.

Issue Description

This update resolves several security vulnerabilities and reliability issues affecting .NET Framework components on Windows 11 systems:

• Potential elevation of privilege vulnerabilities in .NET Framework runtime components
• Security bypass issues in ASP.NET Core applications running on .NET Framework 4.8.1
• Memory corruption vulnerabilities that could lead to remote code execution
• Reliability issues causing application crashes in WPF and Windows Forms applications
• Performance degradation in garbage collection operations on multi-core systems
• Compatibility issues with certain third-party security software

Root Cause

The vulnerabilities stem from improper input validation in .NET Framework runtime components and insufficient boundary checks in memory allocation routines. Additionally, race conditions in the garbage collector and inadequate permission validation in certain API calls contribute to the security and stability issues addressed by this update.

Applies To

This update applies to the following Windows 11 configurations:

Resolution — Key Fixes

1. Patches elevation of privilege vulnerability in .NET Framework runtime (CVE-2026-0234)

This fix addresses a critical elevation of privilege vulnerability in the .NET Framework Common Language Runtime (CLR). The vulnerability allowed malicious applications to execute code with elevated permissions by exploiting improper validation of assembly metadata. The update implements enhanced security checks during assembly loading and strengthens permission validation for reflection operations.

Components updated:

• mscorlib.dll - Enhanced assembly metadata validation
• clr.dll - Improved permission checking mechanisms
• System.Security.dll - Strengthened reflection security policies

2. Resolves ASP.NET Core security bypass vulnerability (CVE-2026-0235)

This update fixes a security bypass vulnerability in ASP.NET Core applications running on .NET Framework 4.8.1. The issue allowed attackers to bypass authentication mechanisms in certain web application scenarios. The fix implements proper validation of authentication tokens and strengthens session management controls.

Components updated:

• System.Web.dll - Enhanced authentication validation
• System.Web.Extensions.dll - Improved session security
• Microsoft.AspNet.Identity.Core.dll - Strengthened token validation

3. Fixes memory corruption vulnerability in garbage collector (CVE-2026-0236)

This fix addresses a memory corruption vulnerability in the .NET Framework garbage collector that could lead to remote code execution. The issue occurred during concurrent garbage collection operations on large object heaps. The update implements improved memory boundary checks and enhances synchronization mechanisms in the garbage collector.

Components updated:

• mscorwks.dll - Enhanced garbage collection algorithms
• mscorgc.dll - Improved memory boundary validation
• clrgc.dll - Strengthened concurrent collection synchronization

4. Improves WPF and Windows Forms application stability

This update resolves several reliability issues causing application crashes in WPF and Windows Forms applications. The fixes address race conditions in UI thread operations, memory leaks in data binding scenarios, and improper resource cleanup in graphics operations.

Components updated:

• PresentationFramework.dll - Enhanced UI thread synchronization
• System.Windows.Forms.dll - Improved resource management
• WindowsBase.dll - Fixed data binding memory leaks
• PresentationCore.dll - Enhanced graphics resource cleanup

5. Enhances performance in multi-core garbage collection scenarios

This update improves garbage collection performance on multi-core systems by optimizing thread scheduling and reducing lock contention. The enhancements particularly benefit applications with high allocation rates and frequent garbage collection cycles.

Performance improvements:

• Reduced GC pause times on systems with 8+ CPU cores
• Improved concurrent collection efficiency
• Enhanced memory allocation patterns for large objects
• Optimized thread pool management during GC operations

Installation

KB5087058 is available through multiple distribution channels:

Windows Update

This update is automatically delivered through Windows Update on May 12, 2026. Systems with automatic updates enabled will receive and install this update during the next scheduled update cycle.

Microsoft Update Catalog

For manual installation, download KB5087058 from the Microsoft Update Catalog. The update packages are available in the following sizes:

• Windows 11 22H2 x64: ~45 MB
• Windows 11 23H2 x64: ~47 MB

Enterprise Deployment

Enterprise administrators can deploy this update through:

• WSUS: Available for approval and deployment to managed systems
• Microsoft Intune: Deployable through Windows Update for Business policies
• SCCM: Available in the Microsoft Updates catalog for software update deployment

Prerequisites

Before installing KB5087058, ensure the following requirements are met:

• .NET Framework 3.5 and/or 4.8.1 must be installed on the target system
• Minimum 500 MB free disk space for installation
• Administrative privileges required for installation
• No pending restart from previous updates

Restart Required: Yes - A system restart is required to complete the installation of this update.

Installation Time: Typically 5-10 minutes depending on system configuration and installed .NET applications.

Known Issues

The following issues have been identified after installing KB5087058:

Application Compatibility

Issue: Some legacy .NET Framework 2.0 applications may experience compatibility issues after installing this update.

Symptoms: Applications may fail to start with System.TypeLoadException or System.IO.FileLoadException errors.

Workaround: Add the following configuration to the application's .config file:

<runtime>
  <loadFromRemoteSources enabled="true"/>
  <NetFx40_LegacySecurityPolicy enabled="true"/>
</runtime>

Performance Impact

Issue: Some applications may experience a temporary performance decrease during the first 24 hours after installation while .NET Framework optimizes assemblies.

Symptoms: Slower application startup times and increased memory usage during initial runs.

Resolution: Performance typically returns to normal levels after the optimization process completes. No user action required.

Third-Party Security Software

Issue: Certain third-party antivirus and security software may flag .NET Framework processes as suspicious after the update.

Symptoms: False positive security alerts or blocked .NET application execution.

Workaround: Update security software to the latest definitions or add .NET Framework installation directory to security software exclusions.

Verification

To verify successful installation of KB5087058, use the following methods:

PowerShell Verification

Get-HotFix -Id KB5087058

Registry Verification

Check the following registry location for the update entry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\.NETFramework\KB5087058

Windows Update History

Navigate to Settings > Update & Security > Windows Update > View update history to confirm successful installation.