What to do about IE and .NET?

It looks as if Internet Explorer (IE) will soon be gone from our PCs and .NET 4.5.2, 4.6 and 4.6.1 will drop out of support on April 26. So, we should just rip out IE and .NET from our machines, right?

Not so fast. First, you might have an application that relies on an older version of IE or .NET; removing them might not be wise – especially if you’re still using Windows 7. Or you can wait for updates from important vendors. Case in point: I recently received an email from a key vendor saying it will be providing software updates to remove a dependency from IE. The vendor is going so far as to provide updates to older software releases that date back to 2017. (The software is released annually and, thus, needs updates to use older versions.)

But Microsoft is not deprecating or removing the Trident engine, which provides support for software including forms.webbrowser and iemode. In fact, the Trident engine will be supported until 2029 and  Microsoft itself is already providing support for Webview2 to Chromium and Trident engines. (If you’ve suddenly wondered why Webview2 was installed on your computer, you probably have a Microsoft 365 application installed.) These days, I strongly recommend having multiple browsers installed one your PC; use one for general surfing (with the highest restrictions and privacy plug-ins) and a fallback browser with default settings intact that you can use for any websites that refuses to work with your settings.

As for .NET 4.5.2, 4.6 and 4.6.1, they’re going away “because the .NET Framework was previously digitally signed using certificates that use the Secure Hash Algorithm 1 (SHA-1), and we are prioritizing support to newer digital certificates.”

Don’t remember what the .NET framework is? It’s the original implementation of .NET and provides a framework for developers to code with (and deliver the software you use routinely).

As Microsoft notes, it “provides a consistent object-oriented programming environment whether object code is stored and executed locally, executed locally but Internet-distributed, or executed remotely. It provides a code-execution environment that minimizes software deployment and versioning conflicts. Lastly, it provides a code-execution environment that promotes safe execution of code, including code created by an unknown or semi-trusted third party.

In a nutshell, it’s one of those building blocks developers use to create the software we all use.

To be honest, .NET has always been a bit confusing. For many years, I used to cringe each time a .NET update came out, as it would cause havoc with many of my line-of-business apps. Intuit’s QuickBooks, for example, would install the specific .NET it needed or complain when you didn’t have .NET 3.5 installed. Fortunately, .NET has become better behaved; I haven’t had to rip out and reinstall .NET in years. (Too bad Windows as a whole can’t learn a few of the same lessons.)

Microsoft

Let’s determine what version of .NET you have. Open a simple command line and type in dir %windir%Microsoft.NETFramework /AD. On a typical Windows 10 machine, you’ll see a screen that indicates you have .NET 1, 2, 2, 3.5 and 4. That doesn’t mean it’s time to get rid of those really old versions, however. (In fact, you likely don’t have all those older .NET versions installed, it just means your .NET is backwards compatible.) You should also know that there are new .NET releases that no longer user “Framework” and “Core” in their naming.

Another way to view which version of .NET you have installed is to review the registry key located at HKEY_LOCAL_MACHINESOFTWAREMicrosoftNET Framework SetupNDPv4Full. If the Full subkey is missing, then .NET Framework 4.5 or above isn’t installed.

Microsoft

If you do have the “Full” subkey, browse to it and compare the number on the far right next to release in parentheses and then compare it to the chart on this page. On my Windows 10 21H2 machine, I have .NET framework version 528372 — indicating I have .NET framework 4.8 that is still supported and patched.

You’ll also want to ensure .NET is receiving security updates. You may not realize it, but you may have never enabled a setting for Windows – or rather, Microsoft Update – to detect that you have .NET installed. If you go to Settings, then Update and Security, then Windows update, then Advanced options, make sure to check, “Receive updates for other Microsoft products when you update Windows.” Unless you have this box checked, your system may not get updates for newer .NET platforms installed by apps.

Microsoft

If you find that you have.NET 4.5.2, 4.6 and 4.6.1 installed on your computer, you could have a line-of-business application that still relies on that version. Do you remember which one installed it? Based on this FAQ, your application should work fine if you install .NET 4.8. But I still recommend reaching out to the vendor to ensure that when you install .NET framework 4.8 the application will still work.

Still confused? You’re not alone. I’ve often found that it’s hard to understand what .NET releases are shipped with which versions of Windows 10. Keeping up with them is hard enough for developers, let alone end users. I’m hoping someone will come up with a better and easier way to know what is on our systems and how best to remove what should and should not be there. I’ll keep you posted.