Versions of .NET

Release 8.0.0-rc.1

  • Released on 2023-09-14
  • Runtime 8.0.0-rc.1.23419.4
  • SDK 8.0.100-rc.1.23463.5
  • ASP.NET Runtime 8.0.0-rc.1.23421.29
  • Windows Desktop Runtime 8.0.0-rc.1.23420.5
  • !Security

SDK 8.0.100-rc.1.23463.5

  • Visual Studio 2022 (v17.8 latest Preview)
  • Visual Studio for Mac 2022 (v17.6.1)
  • C# 12.0
  • F# 8.0
  • VB 16.9

Security

Release notes

(Source)

.NET 8.0.0 RC 1 - September 12, 2023

The .NET 8.0.0 RC 1 and .NET SDK 8.0.100-rc.1.23463.5 releases are available for download. The latest 8.0 release is always listed at .NET 8.0 Releases.

.NET SDK 8.0.100-rc.1.23463.5 - September 14 2023

Today, we are releasing a new version of .NET SDK. This release suprecedes the .NET SDK 8.0.100-rc.1.23455.8 version. The .NET SDK 8.0.100-rc.1.23463.5 is available in Visual Studio 17.8 Preview 1.

This resolves an issue where the .NET SDK 8.0.100-rc.1.23455.8 did not recognize a new certificate in MAUI optional workload. This caused the workload install to fail when using the .NET CLI. Customers would see an error even though the package was correctly signed.

Failed to update the advertising manifest microsoft.net.sdk.maui: Failed to validate package signing.
Verifying Microsoft.NET.Sdk.Maui.Manifest-8.0.100-rc.1.Msi.x64.8.0.0-rc.1.9171

What's new in .NET 8 RC 1

.NET 8 is the next major release of .NET following .NET 7.0. You can see some of the new features available with .NET 8 RC 1 at dotnet/core #8439.

See the .NET and ASP.NET Core blogs for additional details. Here is list of some of the additions and updates we're excited to bring in RC 1.

Downloads

SDK Installer1 SDK Binaries1 Runtime Installer Runtime Binaries ASP.NET Core Runtime Windows Desktop Runtime
Windows x86 | x64 | Arm64 x86 | x64 | Arm64 x86 | x64 | Arm64 x86 | x64 | Arm64 x86 | x64 |
Hosting Bundle2
x86 | x64 | Arm64
macOS x64 | ARM64 x64 | ARM64 x64 | ARM64 x64 | ARM64 x64 | ARM64 - 1
Linux Snap and Package Manager x64 | Arm | Arm64 | Arm32 Alpine | x64 Alpine Packages (x64) x64 | Arm | Arm64 | Arm32 Alpine | Arm64 Alpine | x64 Alpine x641 | Arm1 | Arm641 | x64 Alpine - 1
Checksums Checksums Checksums Checksums Checksums Checksums
  1. Includes the .NET Runtime and ASP.NET Core Runtime
  2. For hosting stand-alone apps on Windows Servers. Includes the ASP.NET Core Module for IIS and can be installed separately on servers without installing .NET Runtime.

The .NET SDK includes a matching updated .NET Runtime. Downloading the Runtime or ASP.NET Core packages is not needed when installing the SDK.

You can check your .NET SDK version by running the following command. The example version shown is for this release.

$ dotnet --version
8.0.100-rc.1.23463.5

.NET Multi-Platform App UI (MAUI) Workload Downloads

After installing the .NET SDK, you can install .NET MAUI using the dotnet workload install command:

$ dotnet workload install maui

The following workloads are also available to install individually:

$ dotnet workload install android
$ dotnet workload install ios
$ dotnet workload install maccatalyst
$ dotnet workload install macos
$ dotnet workload install tvos

Docker Images

The .NET Docker images have been updated for this release. The .NET Docker samples show various ways to use .NET and Docker together. You can use the following command to try running the latest .NET 8.0 release in containers:

docker run --rm mcr.microsoft.com/dotnet/samples

The following repos have been updated.

Visual Studio Compatibility

You need Visual Studio 17.7 latest preview to use .NET 8.0 on Windows. Visual Studio for Mac 17.6.1 now supports .NET 8.0 Previews. Users can separately install the .NET 8 SDK and enable a preview feature in Preferences to enable the IDE to discover and use the .NET 8 SDK for creating, loading, building, and debugging projects.

Notable Fixes

.NET 8.0 RC 1 carries security fixes

Note: The vulnerabilities CVE-2023-36792, CVE-2023-36793, CVE-2023-36792, CVE-2023-36796 are all resolved by a single patch. Get this update to resolve all of them.

CVE-2023-36792 - .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36793 - .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36794 - .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36796 - .NET Remote Code Execution Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file which may lead to remote code execution. This issue only affects Windows systems.

CVE-2023-36799 - .NET Denial of Service Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.

A vulnerability exists in .NET where reading a maliciously crafted X.509 certificate may result in Denial of Service. This issue only affects Linux systems.

Feedback

Your feedback is important and appreciated. We've created an issue at dotnet/core #8759 for your questions and comments.

Downloads