Microsoft .NET Framework Update Version April 2026 cumulative update

April 14, 2026 update for .NET Framework adds security fixes for CVE-2026-32178, CVE-2026-32203, CVE-2026-32226, CVE-2026-23666, CVE-2026-26171, and CVE-2026-33116. It also includes reliability fixes for ClickOnce SHA384/SHA512 verification, Arm64 CLR crashes, WCF NamedPipe services, and OS call compliance. Updated April 28, 2026, with a known issue.

• Fixes a remote code execution vulnerability: CVE-2026-32178.
• Fixes denial-of-service vulnerabilities: CVE-2026-32203, CVE-2026-32226, and CVE-2026-23666.
• Fixes a security feature bypass vulnerability: CVE-2026-26171.
• Fixes an information disclosure vulnerability: CVE-2026-33116.

• Adds verification logic for ClickOnce to support SHA384 and SHA512.
• Fixes an Arm64 CLR crash when code generates and catches a NullReferenceException in the same function.
• Updates operating system calls for compliance with current standards.
• Fixes WCF NamedPipe service execution inside a Win32 app container on Windows 11 and Windows Server 2025.

• The update might fail to install when applied through DISM to an offline Windows 10 IoT Enterprise LTSC 21H2 image.

• For Windows 11, version 26H1 (build 28000 and newer), the update installs the complete .NET Framework 3.5 product as a standalone installer and replaces any previously installed version.
• Operating system KBs are used for update offering; the specific .NET Framework version installed depends on what is already present on the device.
• A fix for the DISM offline image installation issue will be included in a future .NET Framework update.

Product Information

Vendor: Microsoft

Product: .NET Framework

Version: April 2026 cumulative update

Release date: Apr 14, 2026