A new critical warning has appeared in the BizTalk Health Monitor for all of our BizTalk 2013 R2 servers after the latest repository update from Microsoft as shown in the screenshot below.
How did this occur? We built our BizTalk servers using .Net 4.5. This is the supported version of .Net for BizTalk servers. On investigation we discovered windows patching had installed a recommended security update (Microsoft .NET Framework 4.6.1 is available on Windows Update and WSUS) that installs .Net 4.6. The windows patching does not occur automatically and the server team applied this patch because they thought it was recommended by Microsoft.
There is good reason as to why they have installed 4.6 as Microsoft support has ended for 4.5.1. “Support Ending for the .NET Framework 4, 4.5 and 4.5.1. As previously announced, starting January 12, 2016 Microsoft will no longer provide security updates, technical support or hotfixes for .NET 4, 4.5, and 4.5.1 frameworks. All other framework versions, including 3.5, 4.5.2, 4.6 and 4.6.1, will be supported for the duration of their established lifecycle. The decision to end support for these versions will allow us to invest more resources towards improvements of the .NET Framework.”Microsoft .NET Framework 4.6.1 is available on Windows Update and WSUS.
What was missed is that .Net version 4.5.2 is supported going forward.
We have been running without any obvious errors since 18 March , so what it he big deal.
We considered 3 mitigations to this critical warning;
1) Ask Microsoft to certify that .Net 4.6 runtime is supported.
2) Attempt to uninstall and block KB3102467.
3) Do nothing and carry on.
I initially thought we should ignore this warning and carry on and not do anything because the Microsoft warning is not correct. I reasoned that the .Net version 4.6 is supported at runtime and that .Net version 4.5 is only supported at compile time. We compile all our code with the .Net version code set to 4.5 because this is a Microsoft requirement. The .net 4.6 runtime is backward compatible with .net 4.5 and .net 4.5 assemblies should run without any issues. This is what we have observed because we have been running with the.Net 4.6 version for many months now without any known issues. A sequitur on this is that the 4.6 runtime is safe as long as the compile time is set to 4.5. Unfortunately the official word is that “BizTalk Server 2013 R2 only supports .Net framework 4.5.2 . As of now if we are on 4.6X then you are on unsupported version.”
Thus our only option is to uninstall .Net 4.6 and reinstall .Net 4.5.2 if we want to be supported. How risky is that?
I wonder how many other people would admit to falling into this trap. Please reply to this email me or reply to this blog if you have. Go check the .Net versions that are running on your BizTalk 2013 R2 servers now.
POSTSCRIPT added 31/5
We have successfully removed .Net 4.6 and blocked future upgrades from .Net 4.5.2. by the uninstalling the KB3102467.