Microsoft .NET Framework(微软系统平台的编程框架)

Microsoft .NET Framework(微软系统平台的编程框架)

V4.7.2 官方安装版

  • 2018-05-02
  • 简体中文
  • 3分
  • 134940下载

Microsoft .NET Framework 4.5正式版是一个针对 .NET Framework 4 的高度兼容的就地更新。通过将 .NET Framework 4.5 与 C# 或 Visual Basic 编程语言结合使用,您可以编写 Windows Metro 风格的应用程序。.NET Framework 4.5 包括针对 C# 和 Visual Basic 的重大语言和框架改进,以便您能够利用异步性、同步代码中的控制流混合、可响应 UI 和 Web 应用程序可扩展性。.NET Framework 4.5 添加了针对其他功能区域(如 ASP.NET、Managed Extensibility Framework (MEF)、Windows Communication Foundation (WCF)、Windows Workflow Foundation (WF) 和 Windows Identity Foundation (WIF))的大量改进。.NET Framework 4.5 提供了更高的性能、可靠性和安全性。

Microsoft .NET Framework 4.5是一款运行在.NET框架微软的编程模型,用于构建应用程序,具有无缝和安全的通信能力,良好的用户体验,广受用户好评!
      NET Framework 4.5 包括针对 C# 和 Visual Basic 的重大语言和框架改进,以便您能够利用异步性、同步代码中的控制流混合、可响应 UI 和 Web 应用程序可扩展性。

新版框架继续高度兼容现有的.NET Framework 4、4.5、4.5.1等版本,该版本框架与旧版的.NET Framework 3.5 SP1和早期版本采取不同的处理方式,但与.NET Framework 4、4.5相比,则是一种原地升级和增强。开发人员可以使用Visual Studio 2013、Visual Studio 2012或第三方IDE来生成面向.NET Framework 4.5.2的应用程序。

      Microsoft .NET Framework 4.5支持的操作系统:
支持操作系统平台:Win7 Service Pack 1,Win8,Win8.1,Windows Server 2008 R2 SP1,Windows Server 2008 Service Pack 2,Windows Server 2012,Windows Server 2012 R2,Windows Vista Service Pack 2全平台。


What’s new in the .NET Framework 4.7.2
The .NET Framework 4.7.2 includes new features in the following areas:
A continuing focus in the .NET Framework 4.7.2 is improved accessibility, which allows an application to provide an appropriate experience for users of Assistive Technology. For information on accessibility improvement in the .NET Framework 4.7.2, see What’s new in accessibility in the .NET Framework.
The .NET Framework 4.7.2 features a large number of cryptographic enhancements, better decompression support for ZIP archives, and additional collection APIs.
New overloads of RSA.Create and DSA.Create
The DSA.Create(DSAParameters) and RSA.Create(RSAParameters) methods let you supply key parameters when instantiated a new DSA or RSA key. They allow you to replace code like the following:

// Before .NET Framework 4.7.2
using (RSA rsa = RSA.Create())
// Other code to execute using the RSA instance.
with code like this:

// Starting with .NET Framework 4.7.2
using (RSA rsa = RSA.Create(rsaParameters))
// Other code to execute using the rsa instance.
The DSA.Create(Int32) and RSA.Create(Int32) methods let you generate new DSA or RSA keys with a specific key size. For example:

using (DSA dsa = DSA.Create(2048))
// Other code to execute using the dsa instance.
Rfc2898DeriveBytes constructors accept a hash algorithm name
The Rfc2898DeriveBytes class has three new constructors with a HashAlgorithmName parameter that identifies the HMAC algorithm to use when deriving keys. Instead of using SHA-1, developers should use a SHA-2-based HMAC like SHA-256, as shown in the following example:

private static byte[] DeriveKey(string password, out int iterations, out byte[] salt,
out HashAlgorithmName algorithm)
iterations = 100000;
algorithm = HashAlgorithmName.SHA256;

const int SaltSize = 32;
const int DerivedValueSize = 32;

using (Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, SaltSize,
iterations, algorithm))
salt = pbkdf2.Salt;
return pbkdf2.GetBytes(DerivedValueSize);
Support for ephemeral keys
PFX import can optionally load private keys directly from memory, bypassing the hard drive. When the new X509KeyStorageFlags.EphemeralKeySet flag is specified in an X509Certificate2 constructor or one of the overloads of the X509Certificate2.Import method, the private keys will be loaded as ephemeral keys. This prevents the keys from being visible on the disk. However:
Since the keys are not persisted to disk, certificates loaded with this flag are not good candidates to add to an X509Store.
Keys loaded in this manner are almost always loaded via Windows CNG. Therefore, callers must access the private key by calling extension methods, such as cert.GetRSAPrivateKey(). The X509Certificate2.PrivateKey property does not function.
Since the legacy X509Certificate2.PrivateKey property does not work with certificates, developers should perform rigorous testing before switching to ephemeral keys.
Programmatic creation of PKCS#10 certification signing requests and X.509 public key certificates
Starting with the .NET Framework 4.7.2, workloads can generate certificate signing requests (CSRs), which allows certificate request generation to be staged into existing tooling. This is frequently useful in test scenarios.
For more information and code examples, see “Programmatic creation of PKCS#10 certification signing requests and X.509 public key certificates” in the .NET Blog.
New SignerInfo members
Starting with the .NET Framework 4.7.2, the SignerInfo class exposes more information about the signature. You can retrieve the value of the System.Security.Cryptography.Pkcs.SignerInfo.SignatureAlgorithm property to determine the signature algorithm used by the signer. SignerInfo.GetSignature can be called to get a copy of the cryptographic signature for this signer.
Leaving a wrapped stream open after CryptoStream is disposed
Starting with the .NET Framework 4.7.2, the CryptoStream class has an additional constructor that allows Dispose to not close the wrapped stream. To leave the wrapped stream open after the CryptoStream instance is disposed, call the new CryptoStream constructor as follows:

var cStream = new CryptoStream(stream, transform, mode, leaveOpen: true);
Decompression changes in DeflateStream
Starting with the .NET Framework 4.7.2, the implementation of decompression operations in the DeflateStream class has changed to use native Windows APIs by default. Typically, this results in a substantial performance improvement.
Support for decompression by using Windows APIs is enabled by default for applications that target .NET Framework 4.7.2. Applications that target earlier versions of .NET Framework but are running under .NET Framework 4.7.2 can opt into this behavior by adding the following AppContext switch to the application configuration file:

<AppContextSwitchOverrides value=”Switch.System.IO.Compression.DoNotUseNativeZipLibraryForDecompression=false” />
Additional collection APIs
The .NET Framework 4.7.2 adds a number of new APIs to the SortedSet<T> and HashSet<T> types. These include:
TryGetValue methods, which extend the try pattern used in other collection types to these two types. The methods are:
`public bool HashSet.TryGetValue(T equalValue, out T actualValue);
`public bool SortedSet.TryGetValue(T equalValue, out T actualValue);
Enumerable.To* extension methods, which convert a collection to a HashSet<T>:
public static HashSet ToHashSet(this IEnumerable source);
public static HashSet ToHashSet(this IEnumerable source, IEqualityComparer comparer);
New HashSet<T> constructors that let you set the collection’s capacity, which yields a performance benefit when you know the size of the HashSet<T> in advance:
public HashSet(int capacity)
public HashSet(int capacity, IEqualityComparer comparer)
The ConcurrentDictionary<TKey,TValue> class includes new overloads of the AddOrUpdate and GetOrAdd methods to retrieve a value from the dictionary or to add it if it is not found, and to add a value to the dictionary or to update it if it already exists.

public TValue AddOrUpdate<TArg>(TKey key, Func<TKey, TArg, TValue> addValueFactory, Func<TKey, TValue, TArg, TValue> updateValueFactory, TArg factoryArgument)

public TValue GetOrAdd<TArg>(TKey key, Func<TKey, TArg, TValue> valueFactory, TArg factoryArgument)
Support for dependency injection in Web Forms
Dependency injection (DI) decouples objects and their dependencies so that an object’s code no longer needs to be changed just because a dependency has changed. When developing ASP.NET applications that target the .NET Framework 4.7.2, you can:
Use setter-based, interface-based, and constructor-based injection in handlers and modules, Page instances, and user controls of ASP.NET web application projects.
Use setter-based and interface-based injection in handlers and modules, Page instances, and user controls of ASP.NET web site projects.
Plug in different dependency injection frameworks.
Support for same-site cookies
SameSite prevents a browser from sending a cookie along with a cross-site request. The .NET Framework 4.7.2 adds a HttpCookie.SameSite property whose value is a System.Web.SameSiteMode enumeration member. If its value is SameSiteMode.Strict or SameSiteMode.Lax, ASP.NET adds the SameSite attribute to the set-cookie header. SameSite support applies to HttpCookie objects, as well as to FormsAuthentication and System.Web.SessionState cookies.
You can set SameSite for an HttpCookie object as follows:

var c = new HttpCookie(“secureCookie”, “same origin”);
c.SameSite = SameSiteMode.Lax;
You can also configure SameSite cookies at the application level by modifying the web.config file:
<httpCookies sameSite=”Strict” />
You can add SameSite for FormsAuthentication and System.Web.SessionState cookies by modifying the web config file:
<authentication mode=”Forms”>
<forms cookieSameSite=”Lax”>
<!– … –>
<authentication />
<sessionSate cookieSameSite=”Lax”></sessionState>
Implementation of HttpClientHandler properties
The .NET Framework 4.7.1 added eight properties to the System.Net.Http.HttpClientHandler class. However, two threw a PlatformNotSupportedException. The .NET Framework 4.7.2 now provides an implementation for these properties. The properties are:
Support for Azure Active Directory Universal Authentication and Multi-Factor authentication
Growing compliance and security demands require that many customers use multi-factor authentication (MFA). In addition, current best practices discourage including user passwords directly in connection strings. To support these changes, the .NET Framework 4.7.2 extends SQLClient connection strings by adding a new value, “Active Directory Interactive”, for the existing “Authentication” keyword to support MFA and Azure AD Authentication. The new interactive method supports native and federated Azure AD users as well as Azure AD guest users. When this method is used, the MFA authentication imposed by Azure AD is supported for SQL databases. In addition, the authentication process requests a user password to adhere to security best practices.
In previous versions of the .NET Framework, SQL connectivity supported only the SqlAuthenticationMethod.ActiveDirectoryPassword and SqlAuthenticationMethod.ActiveDirectoryIntegrated options. Both of these are part of the non-interactive ADAL protocol, which does not support MFA. With the new SqlAuthenticationMethod.ActiveDirectoryInteractive option, SQL connectivity supports MFA as well as existing authentication methods (password and integrated authentication), which allows users to enter user passwords interactively without persisting passwords in the connection string.
For more information and an example, see “SQL — Azure AD Universal and Multi-factor Authentication Support” in the .NET Blog.
Support for Always Encrypted version 2
NET Framework 4.7.2 adds supports for enclave-based Always Encrypted. The original version of Always Encrypted is a client-side encryption technology in which encryption keys never leave the client. In enclave-based Always Encrypted, the client can optionally send the encryption keys to a secure enclave, which is a secure computational entity that can be considered part of SQL Server but that SQL Server code cannot tamper with. To support enclave-based Always Encrypted, the .NET Framework 4.7.2 adds the following types and members to the System.Data.SqlClient namespace:
SqlConnectionStringBuilder.EnclaveAttestationUrl, which specifies the Uri for enclave-based Always Encrypted.
SqlColumnEncryptionEnclaveProvider, which is an abstract class from which all enclave providers are derived.
SqlEnclaveSession, which encapsulates the state for a given enclave session.
SqlEnclaveAttestationParameters, which provides the attestation parameters used by SQL Server to get information required to execute a particular Attestation Protocol.
The application configuration file then specifies a concrete implementation of the abstract System.Data.SqlClient.SqlColumnEncryptionEnclaveProvider class that provides the functionality for the enclave provider. For example:
<section name=”SqlColumnEncryptionEnclaveProviders” type=”System.Data.SqlClient.SqlColumnEncryptionEnclaveProviderConfigurationSection,System.Data,Version=,Culture=neutral,PublicKeyToken=b77a5c561934e089″/>
<add name=”Azure” type=”Microsoft.SqlServer.Management.AlwaysEncrypted.AzureEnclaveProvider,MyApp”/>
<add name=”HGS” type=”Microsoft.SqlServer.Management.AlwaysEncrypted.HGSEnclaveProvider,MyApp” />
</SqlColumnEncryptionEnclaveProviders >
The basic flow of enclave-based Always Encrypted is:
The user creates an AlwaysEncrypted connection to SQL Server that supported enclave-based Always Encrypted. The driver contacts the attestation service to ensure that it is connecting to right enclave.
Once the enclave has been attested, the driver establishes a secure channel with the secure enclave hosted on SQL Server.
The driver shares encryption keys authorized by the client with the secure enclave for the duration of the SQL connection.
Windows Presentation Foundation
Finding ResourceDictionaries by Source
Starting with the .NET Framework 4.7.2, a diagnostic assistant can locate the ResourceDictionaries that have been created from a given source Uri. (This feature is for use by diagnostic assistants, not by production applications.) A diagnostic assistant such as Visual Studio’s “Edit-and-Continue” facility lets its user edit a ResourceDictionary with the intent that the changes be applied to the running application. One step in achieving this is finding all the ResourceDictionaries that the running application has created from the dictionary that’s being edited. For example, an application can declare a ResourceDictionary whose content is copied from a given source URI:
<ResourceDictionary Source=”MyRD.xaml”>
A diagnostic assistant that edits the original markup in MyRD.xaml can use the new feature to locate the dictionary. The feature is implemented by a new static method, ResourceDictionaryDiagnostics.GetResourceDictionariesForSource. The diagnostic assistant calls the new method using an absolute Uri that identifies the original markup, as illustrated by the following code:
IEnumerable<ResourceDictionary> dictionaries = ResourceDictionaryDiagnostics.GetResourceDictionariesForSource(new Uri(“pack://application:,,,/MyApp;component/MyRD.xaml”));
The method returns an empty enumerable unless VisualDiagnostics is enabled and the ENABLE_XAML_DIAGNOSTICS_SOURCE_INFO environment variable is set.
Finding ResourceDictionary owners
Starting with the .NET Framework 4.7.2, a diagnostic assistant can locate the owners of a given ResourceDictionary. (The feature is for use by diagnostic assistants and not by production applications.) Whenever a change is made to a ResourceDictionary, WPF automatically finds all DynamicResource references that might be affected by the change.
A diagnostic assistant such as Visual Studio’s “Edit-and-Continue” facility may want extend this to handle StaticResource references. The first step in this process is to find the owners of the dictionary; that is, to find all the objects whose Resources property refers to the dictionary (either directly, or indirectly via the ResourceDictionary.MergedDictionaries property). Three new static methods implemented on the System.Windows.Diagnostics.ResourceDictionaryDiagnostics class, one for each of the base types that has a Resources property, support this step:
public static IEnumerable<FrameworkElement> GetFrameworkElementOwners(ResourceDictionary dictionary);
public static IEnumerable<FrameworkContentElement> GetFrameworkContentElementOwners(ResourceDictionary dictionary);
public static IEnumerable<Application> GetApplicationOwners(ResourceDictionary dictionary);
These methods return an empty enumerable unless VisualDiagnostics is enabled and the ENABLE_XAML_DIAGNOSTICS_SOURCE_INFO environment variable is set.
Finding StaticResource references
A diagnostic assistant can now receive a notification whenever a StaticResource reference is resolved. (The feature is for use by diagnostic assistants, not by production applications.) A diagnostic assistant such as Visual Studio’s “Edit-and-Continue” facility may want to update all uses of a resource when its value in a ResourceDictionary changes. WPF does this automatically for DynamicResource references, but it intentionally does not do so for StaticResource references. Starting with the .NET Framework 4.7.2, the diagnostic assistant can use these notifications to locate those uses of the static resource.
The notification is implemented by the new ResourceDictionaryDiagnostics.StaticResourceResolved event:
public static event EventHandler<StaticResourceResolvedEventArgs> StaticResourceResolved;
This event is raised whenever the runtime resolves a StaticResource reference. The StaticResourceResolvedEventArgs arguments describe the resolution, and indicate the object and property that host the StaticResource reference and the ResourceDictionary and key used for the resolution:
public class StaticResourceResolvedEventArgs : EventArgs
public Object TargetObject { get; }

public Object TargetProperty { get; }

public ResourceDictionary ResourceDictionary { get; }

public object ResourceKey { get; }
The event is not raised (and its add accessor is ignored) unless VisualDiagnostics is enabled and the ENABLE_XAML_DIAGNOSTICS_SOURCE_INFO environment variable is set.
HDPI-aware applications for Windows Forms, Windows Presentation Foundation (WPF), and Visual Studio Tools for Office (VSTO) can all be deployed by using ClickOnce. If the following entry is found in the application manifest, deployment will succeed under .NET Framework 4.7.2:
<dpiAware xmlns=””>true</dpiAware>
For Windows Forms application, the previous workaround of setting DPI awareness in the application configuration file rather than the application manifest is no longer necessary for ClickOnce deployment to succeed.

Microsoft .NET Framework 4.7.1更新日志


4.7.1还对WPF的DataTemplates做了一些改进,现在DataTemplates中的元素支持自动更新。这一改进的驱动力在于为Visual Studio上“Edit-and-Continue”(编辑并继续)特性提供更好的支持,但是以前并不支持对UI元素做这样的更改。该特性的实现,使得开发人员在调试(Debug)过程中更改DataTemplates后,可在继续运行应用的情况下看到他们所做更改的效果。

Microsoft .NET Framework 4.7.0 更新日志

NET Framework 4.7 contains dozens of bug fixes and improvements. This list details those changes, grouped by feature area. Each change includes our TFS bug numbers at the end of the line. Please include those numbers in your communication if you wish to contact us to obtain more information.


Fixed buffer overflows with large manifests in EventSource.

If a COM interface contain setter only indexed property, Tlbimp will generate incorrect setter property metadata.

Implemented IEnumerator in EventPayload (EventSource).

JIT performance improvements

Improved performance of creating large numbers of TaskSchedulers when a debugger isn’t attached.

EventSourceIndex method is now public.

Support for ToEventKeywords() method instead of working with keywords directly.

Fixed NGen Task to respect battery saver setting.

Fixed a bug where null paths would not throw ArgumentNullException.

Added the case of Wrong machine code generated by RyuJIT on AVX2-capable CPU to the list of instructions that have this characteristic.

Implemented flexibility in specifying Server GC resource consumption.


Opening a cryptographic key with CspParameters.ParentWindowHandle set to this.Handle will now correctly make any PIN or password prompt be modal to the current window

Added ValueTuple types to support C# 7.0 and VB 15 tuples

Added Name property to Regex.Group.

Fixed InvalidPath exception when using FileIOPermissions with device syntax (?),

ECDsa and ECDiffieHellman can now import and export key parameters (all OSes) as well as represent points over an expanded set of curves (Win10).

Fixed an issue in SerialPort where unplugging the device during execution could cause a memory leak in the SerialStream class.

Improved support of RSA decryption with hardware keys


ServicePointManager.SecurityProtocol will default to a new value: SystemDefault which allows applications to use the underlying operating system TLS version selection defaults. New SslStreamAuthenticateAs APIs allow applications to omit the SslProtocols parameter and use the system default. New HashAlgorithmType enum members.

Added support for the TLS Alert Protocol

Updated HttpListener to handle improvements to the token binding protocol.

Fixed pointer offset calculation in HttpListener for token binding struct.


Allows for extensibility of the cache providers that could allow them to operate on new services with less overhead from memory usage.

Introduced a new config parameter ‘timeoutUnit’ for ActiveDirectoryMembershipProvider that can be used to indicate the ‘clientSearchTimeout’ and ‘serverSearchTimeout’ values. These should be interpreted as Days/Hours/Minutes/Seconds/Milliseconds. If not specified, the default is Minutes, as was the previous behavior.

Customer will see a warning in the windows event log if they have specified to use unsecured password formats in their web application.

Fixed assignment issue with max-age value for OutputCache.

Fixed an issue with exception handling for custom membership provider scenario.


WPF now uses PrintDocumentPackageTarget instead of the deprecated XpsPrint API.

Fixed crash in WPF when typing in text with specific language input

The escape sequences have been unescaped in the URLs while converting from XAML to RTF.

Fixed crash in DocumentView when receiving input from IMEs.

Fixed ribbon crash when Alt + accelerator key is pressed to display the submenu.

Previously, large amounts of connects and disconnects of tablet/stylus devices could result in WPF losing all touch support except for promoted mouse messages. This was due to a reference counting issue within WPF and its Windows side touch component (WISP). This change, along with the associated WISP change available in RS2, fixes this situation allowing large numbers of connects and disconnects.

Conversion of BaselineOffset property has been added while converting from XAML to RTF and vice versa.

Modernize touch stack

Fixed crashes in Combobox

Added support for alternative delimiter characters in markup.

Fixed textbox focus issues

Fixed out of memory issues with custom textbox.

In some scenarios, shutting down input for a stylus/touch device (program shutdown or device disconnection) could result in a deadlock. This change alleviates that issue by fixing a timing problem with the WPF stylus/tablet initialization and shutdown code.

In order to disable the WPF stylus/touch stack developers were previously using a private reflection mechanism. This provides a new mechanism in the form of an AppContext switch. Switch.System.Windows.Input.Stylus.DisableStylusAndTouchSupport set to true will fully disable the stylus/touch stack without requiring any private reflection or other workarounds.

Inheritable properties propagate through a new link in the visual tree, including properties declared in a Style newly enabled by the link because a DynamicResource reference now resolves.

ImageSourceConverter.ConvertFromString now throws the correct DirectoryNotFoundException instead of NullReferenceException if called with an invalid path (only on apps targeting .NET Framework 4.7 and above)

Fixed IOException crashes arising from Cursor.LoadFromStream, that could happen on application start.

Fixed a deadlock arising from re-entrant COM requests while waiting for the lock protecting WPF’s weak-event component.

Scroll tracing now supports scenarios involving multiple instances of an ItemsControl with the same name, that enter and leave the visual tree dynamically.

Some ItemsControls allow null to appear in the ItemsSource. If so, the automation for the control should allow null as well. An app that works in a normal environment should not crash in when automation is present.

Fixed an ArgumentException arising from bindings on a non-Visual element declared in a DataGrid cell template.

Improved Grid algorithm usages to allocate space to columns declared with *-width. For details refer to Application compatibility changes.

Fixed crash arising from displaying certain sequences of Unicode characters deemed (by the font and by DWrite) to have negative advance width.

Fixed a crash arising when running two instances of a process that creates multiple large packages when using System.IO.Packaging.

When an exception interrupts a PropertyChanged or Collectionchanged notification raised on a worker thread, other such notifications continue to be processed normally.

Fixed D3DImage memory leak.

Fixed crashes in DataGrid with column virtualization enabled scenario.

Improved reliability of anchored scroll scenarios.

Support for Async and AddJob scenarios in printing.

The content of the selected item in a TabControl is visible to UI Automation, even after changing IsEnabled (or other properties) on the TabItems.


Fixed a bug in SocketConnection.Read which caused the operation to hang when mixing synchronous and asynchronous calls.

Support for CNG certificates. For details refer to Application compatibility changes.

Support for DataContractJsonSerializer to follow ECMAScript 6 when serializing control character.

Fixed process crash in concurrent Dictionary scenario

Fixed a race condition on the cleanup path of WCF Tracing that caused an ObjectDisposedException.

Enabled WCF message security configuration to use TLS1.1 or TLS1.2. For details refer to Application compatibility changes.

Fixed a bug in OperationContext.Current which caused it to return null when called inside an OperationContextScope

Ensure no deadlock occurs when two threads try to abort the channel.


Support for propagating an activity exception as-is instead of throwing a Null Reference Exception. For details refer to Application compatibility changes.

Previously when trying to use Visual Studio to debug XAML-based workflows on a machine with FIPS enabled, one would encounter a NullReferenceException. This has been resolved. However, in order to take advantage of this change, you will need to add the following to the App.Config file for the workflow application: