Today, we are happy to announce the release of the .NET Framework 4.7.2. It’s included in the Windows 10 April 2018 Update. .NET Framework 4.7.2 is also available on Windows 7+ and Windows Server 2008 R2+.
You can download the .NET Framework 4.7.2
The .NET Framework 4.7.2 includes improvements in several areas:
- [ASP.NET] Support for SameSite cookie in ASP.NET
- [ASP.NET] Support for ASP.NET Dependency Injection
- [ClickOnce] Per-monitor support for WPF and HDPI-aware VSTO apps deployed via ClickOnce
- [SQL] Always Encrypted enhancements in SQL Connectivity
- [Networking & BCL] Enhanced .NET Framework support for .NET Standard 2.0
- [BCL] Cryptography improvements
- [WPF] Diagnostic enhancements
For building applications targeting .NET Framework 4.7.2 download the Developer Pack. You can see the complete list of improvements in the .NET Framework 4.7.2 release notes. .NET Framework 4.7.2 will be available on Windows Update in the near future. Docker images are also available for this release at Docker Hub.
Supported Windows Versions
The .NET Framework 4.7.2 is supported on the following Windows versions:
- Windows 10 April 2018 Update (included in-box)
- Windows 10 Fall Creators Update
- Windows 10 Creators Update
- Windows 10 Anniversary Update
- Windows 8.1
- Windows 7 SP1
The .NET Framework 4.7.2 is supported on the following Windows Server versions:
- Windows Server, version 1709
- Windows Server 2016
- Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2 SP1
ASP.NET – Dependency Injection in WebForms
- Support setter-based, interface-based and constructor-based injection in web application project in Handler, Module, Page, User control and Custom control.
- Support setter-based and interface-based injection in web site project in Handler, Module, Page, User controls and Custom controls.
- Extensebility to support different dependency injection frameworks.
ASP.NET – SameSite Cookie
- In HttpCookie object
- In FormsAuthentication and SessionState cookies
You can set SameSite for a HttpCookie object as follows.
You can configure HttpCookie SameSite at application level through web.config as follows.
ClickOnce – Per-monitor support for WPF and HDPI-aware ClickOnce deployed apps
ClickOnce – Enable SHA256 timestamping of Deployment Manifests
SQL – Azure AD Universal and Multi-factor Authentication Support
Growing compliance and security demand requires many customers to use Multi-Factor authentication (MFA). In addition, current best practices directs developers from not including any user password directly in the connection string. We have extended SqlClient Connection String by introducing a new Azure AD Interactive authentication keyword to support MFA. This also enables support of Azure AD Authentication.
This feature introduces a new value for the existing “Authentication” keyword, specifying a new authentication method called “Active Directory Interactive”. The new interactive method supports native and federated Azure AD users as well as Azure AD guest users. When this method is being used, the MFA authentication imposed by Azure AD is supported for SQL DB. In addition, a user password is requested as part of an interactive dialog enabling us to adhere to security best practices.
Originally SQL connectivity in .NET Framework supported only ActiveDirectoryPassword and ActiveDirectoryIntegrated. Both of these are part of the non-interactive ADAL protocol which do not support MFA. With the new ActiveDirectoryInteractive keyword, the SQL connectivity supports MFA as well as existing authentication methods (password and integrated authentication) allowing users to enter user password interactively without the need to persist passwords in the SQL connection string.
This feature can be configured with tools like SQL Server Data Tools (SSDT), as illustrated below. In the latest Visual Studio 15.7 preview, a new authentication option called “Active Directory Interactive Authentication” can be used to support MFA authentication to SQL database.
The following sample shows how to instantiate the communication provider that is required to register it to a specific authentication method. It also shows creating connections to SQL database using the different authentication methods, of which two are existing ones: ActiveDirectoryPassword, ActiveDirectoryIntegrated and the latest ActiveDirectoryInteractive.
BCL – Cryptographic Improvements
New overloads to RSA.Create and DSA.Create
Rfc2898DeriveBytes accepts a hash algorithm name
New constructor overloads have been added to Rfc2898DeriveBytes that accepts a HashAlgorithmName to identify which HMAC algorithm should be used when deriving keys. Developers are encouraged to generate new keys with a SHA-2-based HMAC as follows instead of using HMAC_SHA1.
Support for EphemeralKeySet
- Certificates loaded with this flag are not recommended to be added to an X509Store because the keys are not persisted to disk.
-
Keys loaded in this manner will almost always be loaded via Windows CNG, therefore callers must access the private key via the extension methods – for e.g., cert.GetRSAPrivateKey(). The PrivateKey property on X509Certificate2 will not function.
-
Since the legacy PrivateKey property will not work with certificates, developers are advised to perform rigorous testing before switching to EphemeralKeySet.
Programmatic creation of PKCS#10 certification signing requests and X.509 public key certificates
The .NET Framework now enables generation of certificate signing requests (CSRs), allowing certificate request generation to be staged into existing tooling.
The following example creates a CSR to be valid as a TLS Server Authentication certificate for www.adatum.com. Furthermore, adatum.com is signed with an existing RSA key using RSA-PSS with SHA-2-256.
The .NET Framework now enables workloads to generate self-signed certificates in a programmatic manner. This is frequently useful in test scenarios.
The following example creates a self-signed version of a TLS Server Authentication certificate for www.adatum.com, using an existing ECDSA key with an ECDSA-SHA-2-256 signature.
Other Features
-
The SignerInfo class for SignedCms exposes more information about the signature. SignerInfo.SignatureAlgorithm can be queried to determine the signature algorithm used by the signer. SignerInfo.GetSignature() can be called to get a copy of the cryptographic signature for this signer.
- CryptoStream now has an additional constructor that allows Dispose to not close the wrapped stream. To continue with the current behavior, no changes are necessary. To leave the wrapped stream open after the CryptoStream is disposed, use `new CryptoStream(stream, transform, mode, leaveOpen: true)`.
BCL – ZLib decompression support to DeflateStream
This feature improves the throughput of decompressing ZIP archives by using native implementation of ZIP. This enables up-to 3x increase in the throughput of ZIP archives during decompression. There are minor differences between the existing and native implementation, hence this feature is enabled by default only for applications targeting .NET Framework 4.7.2.
Older applications can opt-into this behavior by using the following AppContext switch:
BCL – Additional Collection APIs
- ‘TryGetValue‘ is added to SortedSet and HashSet to match the Try pattern used in other collection types.
- The `Enumerable.To*` extension methods are added to SortedSet and HashSet.
- New HashSet constructors allow HashSets to be constructed with a capacity, offering a performance benefit when you know ahead of time what the size of the HashSet will be.
WorkflowDesigner High Contrast Improvements
Before and after experiences with these changes for various workflow features are illustrated below.
Feature | Before | After |
Foreground colors of selected activities’s title change to black
|
||
Foreground colors of selected arguments/variables change to black
|
||
Foreground colors of selected context menu items change to black
|
||
Foreground colors of selected flowchart connectors change to turquoise
|
||
Foreground colors of selected buttons in properties window change to black
|
WPF – Finding ResourceDictionaries by Source
WPF – Finding ResourceDictionary owners
WPF – Finding StaticResource references
This feature allows a diagnostic assistant to receive a notification whenever a StaticResource reference is resolved. A diagnostic assistant such as Visual Studio’s “Edit-and-Continue” facility may want to update all uses of a resource when it changes or replaces a value in a ResourceDictionary. WPF does this automatically for DynamicResource references, but intentionally does not do so for StaticResource references. The diagnostic assistant is faced with the challenge of locating those uses. This feature helps meet the challenge.
Closing
Please try out these improvements in the .NET Framework and let us know what you think. Please share your feedback in the comments below or on GitHub.
In the DI example step 1 has an activator called SimpleActivator but in step 2 the name changes to NaiveActivator
That’s naive of you to think that is not how you spell native.
(could… not… resist.)
Thanks, Timothy Clark. I’ve fixed this.
Hey, no Brotli compression support? /:
(The red mark on the commas in the gists is GitHub’s syntax highlighter complaining about the right double quotation mark being used rather than the normal straight quotation mark.)
Shhhhhh let others enjoy that one on their own. We all have to earn our dues here!
“MVC Framework already supports dependency injection,” For MVC controller injection using .NET Framework, all the Pluralsight courses show use of third party dependency injection tools (e.g., StructureMap). Are you saying that .NET Framework natively supports MVC dependency injection? Your cited link does not actually show any examples of dependency injection. Can you post a link to .NET Framework dependency injection in MVC?
MVC has supported dependency injection since MVC 4 (or is it 3) https://docs.microsoft.com/en-us/aspnet/mvc/overview/older-versions/hands-on-labs/aspnet-mvc-4-dependency-injection
You can check https://docs.microsoft.com/en-us/aspnet/mvc/overview/older-versions/hands-on-labs/aspnet-mvc-4-dependency-injection, nothing is actually changed since MVC 4. There in no sense to develop one more dependency container, there are plenty of them. Or you always can create your own, it’s not difficult at all to create a simple container and integrate it implementing IDependencyResolver.
I cannot select 4.7.2 as target in Visual Studio 2017, even when I’ve downloaded the developer pack. What’s wrong?
@msedi, we were unable to repro the issue with the Dev Pack as you mentioned. After installing the 4.7.2 Dev Pack, the target for 4.7.2 is visible in VS 2017.
Can you send your exact repro steps, VS version (15.X) and the install logs to dotnet-install-help @ service.microsoft.com and we can try to unblock you?
You can generate the log cab file using the log collection tool at http://aka.ms/vscollect.
Thanks
Same here. VS 2017 15.6.7. No 4.7.2 in target selection dialog. No errors during install. Rebooted as promted.
@Vivek Mishra – MSFT
Something wrong with non-english versions of 4.7.2 Dev Pack. For example the russian version is not being installed at all (though there are no errors during installation) – no entry neither in “Programs and features” of Control Panel nor in “Select target” of VS 2017 15.6.7.
NDP472-DevPack-RUS.exe size is just 16005008 bytes, while NDP472-DevPack-ENU.exe size is 97326208 bytes.
Same here, it’s not possible to target Framework 4.7.2 after Installation of NDP472-DevPack-DEU.exe with Visual Studio 2017 Enterprise Edition. (I’m sure it has nothing to do with the VS 2017 Version but with language supoort).
thx for Fixing 🙂
you only instaleld the langauge pack, not the target pack itself. First install the larger ENU exe and next the DEU exe
in Windows 10 1803 the Framework 4.7.2 is already included.
Can’t find also the Downloadlink für the larger ENU Pack (Developer!)
MaxH123 wrote as a Response to Chris Benner with Link to the ENU package.
That was very helpful and resolves the Problem.
Thanks to MaxH123
https://download.microsoft.com/download/5/F/E/5FE505D0-E753-4F1A-B8D6-D9E73C0C28C7/NDP472-DevPack-ENU.exe
+1, the link of Dev Pack point to Lang Pack in country which has an Lang Pack, and the same for the one in http://www.dot.net. And what’s the worse, the latter can be installed without Dev Pack with no warnings.
An workaround is add “&clcid=0x409” to the link.
BTW: Lucky the offline one of runtime don’t point to lang pack, but there is no link to offline lang pack in the announcing.
Ahhh, before I forgot. What happened to Span? Do you have a date when it will be released? Currently it’s still preview.
Thank you for your interest in Span! We are currently developing Span for .NET Core (https://github.com/dotnet/corefx/tree/master/src/System.Memory).
If you would like to use Span on Full Framework you can use the System.Memory package available of NuGet today!
Can you tell me more about the scenario in which you would like to use Span? Does the current package address your scenario?
Hi Alex,
thanks for the feedback. I was hoping that the System.Memory package will get productive soon. Currently it’s preview only, and I don’t know if I want to start with a preview version.
Regarding your question: We are dealing with a large amount of data where we need a lot of slicing and including a lot of mathematical operations on the data. Currently a lot of copying and pinning is necessary to get the appropriate speed. I guess span will not solve the problem, but what it solves is that I can pack pinnable data into a “normalized” structure. ArraySegment was our first choice, but this thing is awfully slow for our purposes.
What we also deal with is to load data from the disk. The files are typically up to 20GB mostly consisting of float data. Here the problem is that there is no native way neither from FileStream nor from BinaryReader where we can read an array of data at once. The only possibility now is to do a for loop using a BinaryReader.ReadSingle(). But this is more than awfully slow. What we currently do is to load the byte array, pin it and reinterpret it. Therefore I’m also hoping that the Span helps with the reinterpret / NonPortableCast which you have now put into MarshalServices.Cast. The problem might be that the Cast might add additional pressure to the GC since the Span is reinterpreted and then I need the real array again. Or would you get rid completely of a regular array for blittable data?
Recently we opened up a very dirty solution where updated the array header by going directly in the memory. This works well and does not add additional pressure to the GC, but that’s dirty. For us this means that when I want to read 1MB block (Single) I first need to allocate a 1MB byte array. Then I need to reinterpret it as float array. The byte array can be discarded again. When you do this for all blocks in the 20GB file you see a lot of GC events.
So maybe this explains a little why I really need Span.
I’m also really open for further discussions omn this.
Best
MS
Thanks for the update! It sounds like you have a very interesting use case for Span.
I think the best next step would be to file an issue in the CoreFx repo (https://github.com/dotnet/corefx) and describe your scenario. It is possible that the current Span features are not enough for you, but we are interested in understanding these scenarios as they would help inform where we go from here.
Hi Alex,
thanks for the hint. Do you think it makes sense to meet in person with some Span people at MS to discuss a few things. I would be glad to hear from you.
Can you provide more info about this: “Enhanced .NET Framework support for .NET Standard 2.0”
The .NET Framework 4.7.1 added eight properties to the System.Net.Http.HttpClientHandler class. However, two threw a PlatformNotSupportedException. The .NET Framework 4.7.2 now provides an implementation for these properties. The properties are:
* CheckCertificateRevocationList
* SslProtocols
In .NET Framework 4.7.2 we have addresses the known runtime issues with .NET Standard 2.0. We made changes to the runtime to ensure that you don’t need additional files deployed along with your .NET Standard library. This would also remove the need to have binding redirects generated in your application that consumes a .NET Standard library.
There is an embarrassing problem with Windows Update in old .NET Framework security and quality updates replace after installed netfx472.
I post it on .NET forums:
https://social.msdn.microsoft.com/Forums/en-US/0f262109-4a07-4940-a803-7d5de3017d9e/net-framework-472-update-replaces-issue-in-windows-update?forum=netfxsetup
I found that there have been some changes since the last post, some of the problems seem to disappear, but there are problems in specific cases, so I updated the forum article, you can see the update section of the article to get more information:-)
Thank you for your report, we have identified that there was an issue in our offering detection. The issue has been resolved and made available this morning, 5/3/18. All affected KBs will now be offering correctly.
Hi,
the posted download links (Web Installer and Offline Installer) are using https, but they are redirecting to http://download.microsoft.com/… instead of https://download.microsoft.com/…
Can you please change them to redirect to an https location? Thank you!
Thank you for your report! These have been fixed now.
In step 1 of the first code example it should read Where (…) instead of Select (…). However, the whole foreach should be expressed as a LINQ statement.
The Dependency Injection in WebForms sample code has a bug. The following code:
if(c.GetParameters().Select(p => p.GetType() == typeof(ILog)).Count() > 0)
Should be:
if(c.GetParameters().Select(p => p.ParameterType == typeof(ILog)).Count() > 0)
Hi,
I noticed the download links in the post are “https”, but they redirect to “http” URLs (download.microsoft.com) which means the download is not over TLS.
Can you please change the redirection to use https URLs? Thank you!
There’s a bug in the Dependency Injection in WebForms sample.
The line:
if(c.GetParameters().Select(p => p.GetType() == typeof(ILog)).Count() > 0)
should be:
if(c.GetParameters().Select(p => p.ParameterType == typeof(ILog)).Count() > 0)
Good catch. Will update the sample code. In real scenario, DI container framework like Unity, Ninject, AutoFac etc should be used. We will publish a blog about this new feature on MSDN soon.
Yeah, it’s a simple example but I tried it out and it didn’t work! I look forward to the blog post about the feature.
The link of `Developer Pack` point to language pack instead the main pack in China(maybe also all others which have language packs), the same for the one in https://www.microsoft.com/net/download/thank-you/net472-developer-pack. An workaround is add “&clcid=0x409” to the link.
Hi,
I noticed the download links for .NET 4.7.2 redirect to a “http” URL. Can you please change them to redirect to a “https” URL?
Thanks!
Thank you for your report. This has been fixed today (5/7/2018).
Still has SslStream bug
https://developercommunity.visualstudio.com/content/problem/197335/sslstreamauthenticateasclient-ignores-checkcertifi.html
Thanks for pointing it out!
We updated the bug report with more details – the bug exists since .NET 4.7 when the API overload was introduced and there is a workaround (use another overload). You can monitor the report for further progress on a fix.
Seems there’s something broken in SqlClient https://stackoverflow.com/questions/50177658/nullreferenceexception-inside-net-code-of-sqlconnection-cacheconnectionstringpr Checking the offline installer files with a decompiler , it looks like code was added *outside* the null-check scope in `SqlConnection.CacheConnectionStringProperties()`. Luckily, this code doesn’t appear in the corefx repo.
It does’nt work with NDP472-DevPack-DEU.exe and Visual Studio 2017 E
Can’t target the 4.7.2 Framework (it’s not listet in the Combobox where all other Frameworks resides.).
Hi, please try with the english (ENU) version of the DevPack: https://download.microsoft.com/download/5/F/E/5FE505D0-E753-4F1A-B8D6-D9E73C0C28C7/NDP472-DevPack-ENU.exe
The localized versions (e.g. DEU) of the Developer Pack don’t seem to work.
What about redistributable package 472 for ClickOnce installer? There isn’t one in 15.7.0 Preview 6.0
That is expected to release in 15.8 Preview 2 or after.
VS 2017 15.7 has been released and I thought that it would include the 4.7.2 dev pack and targeting. I don’t see it in the list of individual components. Was it not intended to be included in this release? Should we download it separately?
Yes, we do have plans to include 4.7.2 dev pack in next update for VS 2017. It was not intended to be included in 15.7 as the release timelines did not align.
For now you can download the 4.7.2 Dev Pack from below and get the Framework, Targeting, Intellisense & SDK.
https://www.microsoft.com/net/download/windows OR
https://go.microsoft.com/fwlink/?LinkId=863261
Thanks.
Can we install this version on the server with Exchange 2013 CU 20 ?
There are issues with assemblies not referencing correctly. I installed the developer targeting pack, created a new project, changed to .NET 4.7.2, tried to reference a NuGet package (System.Console) and I see a little yellow triangle in the reference and System.Console is unrecognized. If I remove the reference in the project and manually navigate to the NuGet packages location, it changes automatically to C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.7.2\Facades\System.Console.dll
Hey Dariel
I would like to understand more about why you added the reference to the System.Console package? .NET Framework has support for Console built-in ( the type lives in mscorlib.dll) so you wouldn’t have to do anything special in order to use Console.