dukdukgoos Posted December 20, 2022 Share Posted December 20, 2022 As of 12/13/2022 the .NET Core lib that LaunchBox requires has reached End of Life and will no longer get security updates from Microsoft. When will Launchbox be updated to support .NET 6? https://dotnet.microsoft.com/en-us/platform/support/policy/dotnet-core Quote Link to comment Share on other sites More sharing options...
C-Beats Posted December 20, 2022 Share Posted December 20, 2022 End of support is not end of life. The runtime will still be distributed and work on machines just like it does now. It just means that if we had to reach out to Microsoft with a problem they'd tell us "Sucks to be you". We are looking into updating .NET versions but the move isn't a simple version change because of some dependencies we use and so it'll probably happen sometime next year but isn't something we really feel the need to rush to and have some things we need to work out before the move is even possible. Quote Link to comment Share on other sites More sharing options...
dukdukgoos Posted December 21, 2022 Author Share Posted December 21, 2022 End of support means no more security patches, which means Windows users have to keep an potentially insecure piece of software installed to continue to use Launchbox. I understand that the dependency issues may be difficult, but I hope you'll take this seriously and do it as fast as possible, as having unpatched software on a Windows machine is not a good idea. Quote Link to comment Share on other sites More sharing options...
C-Beats Posted December 21, 2022 Share Posted December 21, 2022 35 minutes ago, dukdukgoos said: End of support means no more security patches, which means Windows users have to keep an potentially insecure piece of software installed to continue to use Launchbox. I understand that the dependency issues may be difficult, but I hope you'll take this seriously and do it as fast as possible, as having unpatched software on a Windows machine is not a good idea. The security risk would be with the runtime not the program, and it's ability to interact negatively with an open security hole in the OS which IS still supported and would patched to correct. Security definitions would also be added to Windows Defender to combat the issue. The real world risk by not upgrading is almost non-existent. Should a real threat reveal itself we would of course increase the time table, but at this time that simply isn't true. There are several real world issues with us not upgrading that we can replicate now that are far more detrimental and a realistic outcome than a introduced security vulnerability. We have every intention of upgrading the version some point in the near future, but want to ensure it is done correctly, not only to maintain feature parity, but to ensure that we are doing things correctly in the new .NET version to help mitigate future issues (like your security concerns) we would be dealing with on that version. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.