Microsoft has urged developers still using the long-term support (LTS) release of .NET Core 3.1 to migrate to the latest .NET Core versions until it reaches the end of support (EOS) next month.
The company warned customers on the Windows message center to upgrade to .NET 6 (LTS) or .NET 7 “as soon as possible” before .NET Core 3.1 (LTS) reaches EOS on December 13, 2022.
As Dominique Whittaker, the Senior Program Manager responsible for .NET Core and .NET Native releases, warned this July, Microsoft will stop providing technical support or servicing updates after EOS.
“We recommend moving to .NET 6 as soon as possible. If you are still using .NET Core 3.1 after the end of support date, you’ll need to update your app to .NET 6 or .NET 7 to remain supported and continue to receive .NET updates,” Whittaker said.
While .NET Core 3.1 apps will still run after the EOS is reached in less than a month, they will be exposed to attacks targeting any of the security vulnerabilities patched in .NET Core 6 since its initial release in November 2021.
Whittaker also shared detailed steps on how software vendors and developers can upgrade to .NET 6 (LTS) and how to update their development environment.
“If you’re migrating an app to .NET 6, some breaking changes might affect you. We recommend you to go through the compatibility check,” the Microsoft PM added.
Those who want to migrate to the latest available release can upgrade to .NET 7, which was released earlier this month on November 8th and will be supported for 18 months.
“.NET 7 brings your apps increased performance and new features for C# 11/F# 7, .NET MAUI, ASP.NET Core/Blazor, Web APIs, WinForms, WPF and more,” the .NET team said.
“With .NET 7, you can also easily containerize your .NET 7 projects, set up CI/CD workflows in GitHub actions, and achieve cloud-native observability.”
In April, Microsoft also warned developers to migrate their apps away from .NET Framework 4.5.2, 4.6, and 4.6.1 to at least .NET Framework 4.6.2 or later before they reached their EOS on April 26, to continue receiving security updates and technical support.
These three .NET Framework versions were retired after the switch to SHA-2 signing because they were digitally signed with certificates using the legacy and insecure SHA-1 cryptographic hashing algorithm.
Source: www.bleepingcomputer.com