What’s new in the .NET Framework
Introducing .NET Framework 4.8
.NET Framework 4.8 builds on previous versions of the .NET Framework 4.x by adding many new fixes and several new features while remaining a very stable product
.NET Framework 4.8 can be installed on Windows 10, Windows 8.1, Windows 7 SP1, and the corresponding server platforms starting with Windows Server 2008 R2 SP1. You can install .NET Framework 4.8 by using either the web installer or the offline installer. The recommended way for most users is to use the web installer.
Downloading and installing .NET Framework 4.8
You can download .NET Framework 4.8 from the following locations:
.NET Framework 4.8 can be installed on Windows 10, Windows 8.1, Windows 7 SP1, and the corresponding server platforms starting with Windows Server 2008 R2 SP1. You can install .NET Framework 4.8 by using either the web installer or the offline installer. The recommended way for most users is to use the web installer.
You can target .NET Framework 4.8 in Visual Studio 2012 or later by installing the .NET Framework 4.8 Developer Pack.
What’s new in .NET Framework 4.8
.NET Framework 4.8 introduces new features in the following areas:
- Base classes
- Windows Communication Foundation (WCF)
- Windows Presentation Foundation (WPF)
- Common language runtime
Improved accessibility, which allows an application to provide an appropriate experience for users of Assistive Technology, continues to be a major focus of .NET Framework 4.8. For information on accessibility improvements in .NET Framework 4.8, see What’s new in accessibility in the .NET Framework.
Base classes
Reduced FIPS impact on Cryptography. In previous versions of the .NET Framework, managed cryptographic provider classes such as SHA256Managed throw a CryptographicException when the system cryptographic libraries are configured in “FIPS mode”. These exceptions are thrown because the managed versions of the cryptographic provider classes, unlike the system cryptographic libraries, have not undergone FIPS (Federal Information Processing Standards) 140-2 certification. Because few developers have their development machines in FIPS mode, the exceptions are commonly thrown in production systems.
By default in applications that target .NET Framework 4.8, the following managed cryptography classes no longer throw a CryptographicException in this case:
Instead, these classes redirect cryptographic operations to a system cryptography library. This change effectively removes a potentially confusing difference between developer environments and production environments and makes native components and managed components operate under the same cryptographic policy. Applications that depend on these exceptions can restore the previous behavior by setting the AppContext switch Switch.System.Security.Cryptography.UseLegacyFipsThrow to true. For more information, see Managed cryptography classes do not throw a CryptographyException in FIPS mode.
Use of updated version of ZLib
Starting with .NET Framework 4.5, the clrcompression.dll assembly uses ZLib, a native external library for data compression, in order to provide an implementation for the deflate algorithm. The .NET Framework 4.8, clrcompression.dll is updated to use ZLib Version 1.2.11, which includes several key improvements and fixes.
Windows Communication Foundation (WCF)
Introduction of ServiceHealthBehavior
Health endpoints are widely used by orchestration tools to manage services based on their health status. Health checks can also be used by monitoring tools to track and provide notifications about the availability and performance of a service.
ServiceHealthBehavior is a WCF service behavior that extends IServiceBehavior. When added to the ServiceDescription.Behaviors collection, a service behavior does the following:
- Returns service health status with HTTP response codes. You can specify in a query string the HTTP status code for a HTTP/GET health probe request.
- Publishes information about service health. Service-specific details, including service state, throttle counts, and capacity can be displayed by using an HTTP/GET request with the
?healthquery string. Ease of access to such information is important when troubleshooting a misbehaving WCF service.
There are two ways to expose the health endpoint and publish WCF service health information:
- Through code. For example:C#Copy
ServiceHost host = new ServiceHost(typeof(Service1), new Uri("http://contoso:81/Service1")); ServiceHealthBehavior healthBehavior = host.Description.Behaviors.Find<ServiceHealthBehavior>(); healthBehavior ??= new ServiceHealthBehavior(); host.Description.Behaviors.Add(healthBehavior);- By using a configuration file. For example:XMLCopy
<behaviors> <serviceBehaviors> <behavior name="DefaultBehavior"> <serviceHealth httpsGetEnabled="true"/> </behavior> </serviceBehaviors> </behaviors>
A service’s health status can be queried by using query parameters such as OnServiceFailure, OnDispatcherFailure, OnListenerFailure, OnThrottlePercentExceeded), and an HTTP response code can be specified for each query parameter. If the HTTP response code is omitted for a query parameter, a 503 HTTP response code is used by default. For example:
- OnServiceFailure:
https://contoso:81/Service1?health&OnServiceFailure=450A 450 HTTP response status code is returned when ServiceHost.State is greater than CommunicationState.Opened. Query parameters and examples: - OnDispatcherFailure:
https://contoso:81/Service1?health&OnDispatcherFailure=455A 455 HTTP response status code is returned when the state of any of the channel dispatchers is greater than CommunicationState.Opened. - OnListenerFailure:
https://contoso:81/Service1?health&OnListenerFailure=465A 465 HTTP response status code is returned when the state of any of the channel listeners is greater than CommunicationState.Opened. - OnThrottlePercentExceeded:
https://contoso:81/Service1?health&OnThrottlePercentExceeded= 70:350,95:500Specifies the percentage {1 – 100} that triggers the response and its HTTP response code {200 – 599}. In this example:- If the percentage is greater than 95, a 500 HTTP response code is returned.
- If the percentage or between 70 and 95, 350 is returned.
- Otherwise, 200 is returned.
The service health status can be displayed either in HTML by specifying a query string like https://contoso:81/Service1?health or in XML by specifying a query string like https://contoso:81/Service1?health&Xml. A query string like https://contoso:81/Service1?health&NoContent returns an empty HTML page.
Windows Presentation Foundation (WPF)
High DPI enhancements
In .NET Framework 4.8, WPF adds support for Per-Monitor V2 DPI Awareness and Mixed-Mode DPI scaling. See High DPI Desktop Application Development on Windows for additional information about high DPI development.
.NET Framework 4.8 improves support for hosted HWNDs and Windows Forms interoperation in High-DPI WPF applications on platforms that support Mixed-Mode DPI scaling (starting with Windows 10 April 2018 Update). When hosted HWNDs or Windows Forms controls are created as Mixed-Mode DPI-scaled windows by calling SetThreadDpiHostingBehavior and SetThreadDpiAwarenessContext, they can be hosted in a Per-Monitor V2 WPF application and are sized and scaled appropriately. Such hosted content is not rendered at the native DPI; instead, the operating system scales the hosted content to the appropriate size. The support for Per-Monitor v2 DPI awareness mode also allows WPF controls to be hosted (i.e., parented) in a native window in a high-DPI application.
To enable support for Mixed-Mode High DPI scaling, you can set the following AppContext switches the application configuration file:XMLCopy
<runtime>
<AppContextSwitchOverrides value = "Switch.System.Windows.DoNotScaleForDpiChanges=false; Switch.System.Windows.DoNotUsePresentationDpiCapabilityTier2OrGreater=false"/>
</runtime>
Common language runtime
The runtime in .NET Framework 4.8 includes the following changes and improvements:
Improvements to the JIT compiler. The Just-in-time (JIT) compiler in .NET Framework 4.8 is based on the JIT compiler in .NET Core 2.1. Many of the optimizations and all of the bug fixes made to the .NET Core 2.1 JIT compiler are included in the .NET Framework 4.8 JIT compiler.
NGEN improvements. The runtime has improved its memory management for Native Image Generator (NGEN) images so that data mapped from NGEN images are not memory-resident. This reduces the surface area available to attacks that attempt to execute arbitrary code by modifying memory that will be executed.
Antimalware scanning for all assemblies. In previous versions of the .NET Framework, the runtime scans all assemblies loaded from disk using either Windows Defender or third-party antimalware software. However, assemblies loaded from other sources, such as by the Assembly.Load(Byte[]) method, are not scanned and can potentially contain undetected malware. Starting with .NET Framework 4.8 running on Windows 10, the runtime triggers a scan by antimalware solutions that implement the Antimalware Scan Interface (AMSI).
