Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage News .NET 4.6.2 Preview Brings Security and WPF Features

.NET 4.6.2 Preview Brings Security and WPF Features

This item in japanese

While most of the attention is on .NET Core, work continues on the original .NET Framework. Recently released as a preview, version 4.6.2 is primarily focused on security and WinForms/WPF related features.


When distributing Windows Forms or WPF based applications, most organizations strongly consider using ClickOnce. Designed long before the invention of app stores, ClickOnce allows applications to be easily distributed via URLs. And unlike programs distributed via an app store, ClickOnce applications can self-update as new versions are released. With a little server-side work, you can control exactly which version is offered on a per-person basis.

Since ClickOnce applications are so vital to enterprise users, security is of course a major concern. Which is why operations teams have been rather frustrated with Microsoft's slow adoption of TLS standards. Though TLS 1.1 was released in 2006 and TLS 1.2 in 2008, this will be the first version of .NET's ClickOnce to actually support those standards.


First up is support for new standards. From the announcement,

The .NET Framework 4.6.2 adds support for DSA (Digital Signature Algorithm) X509 certificates whose keys exceed the FIPS 186-2 limit of 1024-bit.

In addition to supporting the larger key sizes of FIPS 186-3, the .NET Framework 4.6.2 allows computing signatures with the SHA-2 family of hash algorithms (SHA256, SHA384, and SHA512). The FIPS 186-3 support is provided by the new DSACng class.

When it comes to storing “persisted symmetric keys on software and hardware devices”, Microsoft has offered the Cryptography API: Next Generation (CNG) since at least Windows 7. Yet again .NET is slow on the update, with this update being the first version that supports it.

Next up is SignedXml. As the name implies, SignedXml is an implementation of the W3C’s XML Digital Signature standard. New in .NET 4.6.2 is SignedXml support for “RSA-SHA256, RSA-SHA384, and RSA-SHA512 PKCS#1 signature methods, and SHA256, SHA384, and SHA512 reference digest algorithms”.


When working with Windows 10, WPF can now automatically show and hide a soft keyboard (i.e. on-screen keyboard) as appropriate with disabling WPF stylus/touch support. This is part of a larger push towards improving the lackluster stylus support in Windows. (Historical note: Windows has had basic stylus support since 2002’s Windows XP Tablet PC Edition.)

Another push for Microsoft over the last couple of years is recognition of high DPI issues. These occur when running an application on a monitor with a much higher DPI than what was traditionally used in the past. Among other problems, this can cause images to become shrunken or blurry.

Related to this is multi-monitor support. Even if the application fixes the high DPI issues for one monitor, it can run into problems with the user has multiple monitors with different DPI settings. In the past this could be addressed with native code, but now Microsoft is offering direct .NET support for per-monitor DPI aware applications.

For more information or to download the preview, see Announcing the .NET Framework 4.6.2 Preview.

Rate this Article