KB5087054: Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11 version 24H2 (May 2026)
Security cumulative update for .NET Framework 3.5 and 4.8.1 on Windows 11 version 24H2, released May 12, 2026. Addresses two elevation of privilege CVEs.
Summary
This is a security cumulative update for .NET Framework 3.5 and 4.8.1 on Windows 11, version 24H2, released on May 12, 2026. It delivers security fixes addressing two elevation of privilege vulnerabilities and includes cumulative reliability improvements. Microsoft recommends applying it as part of regular maintenance routines. Source: Microsoft Support
Improvements and fixes
- Resolves an elevation of privilege vulnerability in .NET Framework tracked as CVE-2026-32177.
- Resolves a second elevation of privilege vulnerability in .NET Framework tracked as CVE-2026-35433.
- No new quality or reliability improvements are included in this release beyond the security fixes above.
Known issues
Microsoft lists no known issues for this update at the time of writing.
How to get this update
This update is available through several channels. Via Windows Update and Microsoft Update, it downloads and installs automatically - no manual action is required. The same automatic behavior applies to Windows Update for Business. For manual deployment, the standalone package can be obtained from the Microsoft Update Catalog website. For Windows Server Update Services (WSUS), the update syncs automatically when the Product is configured as "Windows 11, version 24H2" and the Classification is set to "Security Updates".
Prerequisites: .NET Framework 3.5 or 4.8.1 must already be installed on the target system before applying this update.
Restart requirement: A system restart is required after applying this update if any affected files are in use at the time of installation. Microsoft recommends closing all .NET Framework-based applications before beginning the installation.
Frequently asked questions
Does this update apply to both .NET Framework 3.5 and 4.8.1?
Yes. KB5087054 is a single cumulative update that covers both .NET Framework 3.5 and 4.8.1 on Windows 11, version 24H2. Systems running either version of the framework should receive and install this update. Check that at least one of those framework versions is present before attempting installation.
What security vulnerabilities does this update address?
The update patches two elevation of privilege vulnerabilities: CVE-2026-32177 and CVE-2026-35433, both affecting .NET Framework. Elevation of privilege vulnerabilities can allow an attacker who already has limited access to a system to gain higher permissions, making timely patching important for security posture.
Will this update install automatically, or do I need to deploy it manually?
For most environments, it installs automatically through Windows Update, Microsoft Update, or Windows Update for Business with no additional steps needed. WSUS administrators must ensure the product and classification settings described above are configured. A standalone package is also available from the Microsoft Update Catalog for manual or scripted deployment scenarios.
Is a restart always required after installing this update?
A restart is required only if affected files are in use when the update is applied. To reduce the likelihood of a forced restart, Microsoft advises exiting all .NET Framework-based applications before starting the installation. Planning the update during a scheduled maintenance window is the safest approach in production environments.
