Microsoft just released Microsoft .NET Framework 4.7.2 (KB4054566) and is are offering it as an important update to Windows Server 2012 and Windows Server 2016 servers. However this version of .NET Framework is not yet supported with any version of Exchange Server, so it should not be installed on those servers to avoid issues. So the best way would be to block it as outlined below.
This article is focusing on Microsoft Exchange, but you might wish to apply the same to your SharePoint or Skype for Business environment and test the update on your test environment first!
To avoid that it is installed (e.g. automatically via Windows update) you can deploy the following registry key (similar as mentioned here):
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU] "BlockNetFramework472"=dword:00000001
You can also add the key from an elevated CMD prompt (run as admin) with:
reg add “HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU” /v BlockNetFramework472 /t REG_DWORD /d 1 /f
Once Microsoft officially starts to support the .NET Framework 4.7.2 (refer to the Exchange Server Supportability Matrix for the latest information about the level of support) on Microsoft Exchange you can delete the key. For example via an elevated CMD prompt (run as admin) with:
reg delete “HKLM\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU” /v BlockNetFramework472 /f
To find out which .NET Framework version is installed your can check this HowTo here.