diff --git a/Directory.Build.props b/Directory.Build.props
index 5d4ed6fd5..0dcf43ac5 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -85,16 +85,35 @@
     <FxCopAnalyzersVersion>3.3.0</FxCopAnalyzersVersion>
     <SystemTextEncodingsWebVersion>4.7.2</SystemTextEncodingsWebVersion>
     <AzureSecurityKeyVaultSecretsVersion>4.6.0</AzureSecurityKeyVaultSecretsVersion>
-    <AzureIdentityVersion>1.11.4</AzureIdentityVersion>
+    <AzureIdentityVersion>1.17.2</AzureIdentityVersion>
     <AzureSecurityKeyVaultCertificatesVersion>4.6.0</AzureSecurityKeyVaultCertificatesVersion>
     <MicrosoftGraphVersion>4.36.0</MicrosoftGraphVersion>
     <MicrosoftGraphBetaVersion>4.57.0-preview</MicrosoftGraphBetaVersion>
     <!--CVE-2024-43485-->
-    <SystemTextJsonVersion>8.0.5</SystemTextJsonVersion>
+    <SystemTextJsonVersion>8.0.6</SystemTextJsonVersion>
     <!--CVE-2023-29331-->
     <SystemFormatsAsn1Version>8.0.1</SystemFormatsAsn1Version>
     <BannedApiAnalyzersVersion>4.14.0</BannedApiAnalyzersVersion>
     <PublicApiAnalyzersVersion>4.14.0</PublicApiAnalyzersVersion>
+    <!-- Logging.Abstractions needs a separate version variable because Azure.Core 1.50.0
+         (via System.ClientModel 1.8.0) requires Logging.Abstractions >= 8.0.3, but the full
+         Microsoft.Extensions.Logging package has no 8.0.3 release (jumps from 8.0.1 to 9.0.0). -->
+    <MicrosoftExtensionsLoggingAbstractionsVersion>8.0.3</MicrosoftExtensionsLoggingAbstractionsVersion>
+  </PropertyGroup>
+
+  <PropertyGroup Label="Microsoft.Extensions base versions">
+    <!-- Base M.E.* version for all TFMs; TFM-specific blocks override as needed.
+         On net8.0, most match the base with specific hotfix overrides.
+         On net9.0/net10.0, everything is overridden to match the runtime version. -->
+    <CommonMicrosoftExtensionsVersion>8.0.0</CommonMicrosoftExtensionsVersion>
+    <MicrosoftExtensionsCachingMemoryVersion>8.0.1</MicrosoftExtensionsCachingMemoryVersion>
+    <MicrosoftExtensionsConfigurationVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsConfigurationVersion>
+    <MicrosoftExtensionsConfigurationBinderVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsConfigurationBinderVersion>
+    <MicrosoftExtensionsConfigurationJsonVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsConfigurationJsonVersion>
+    <MicrosoftExtensionsDependencyInjectionVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsDependencyInjectionVersion>
+    <MicrosoftExtensionsHostingVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsHostingVersion>
+    <MicrosoftExtensionsHttpVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsHttpVersion>
+    <MicrosoftExtensionsLoggingVersion>$(CommonMicrosoftExtensionsVersion)</MicrosoftExtensionsLoggingVersion>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(TargetFramework)' == 'net9.0'">
@@ -110,6 +129,7 @@
     <SystemSecurityCryptographyPkcsVersion>$(SystemSecurityCryptographyServicingVersion)</SystemSecurityCryptographyPkcsVersion>
     <SystemSecurityCryptographyXmlVersion>$(SystemSecurityCryptographyServicingVersion)</SystemSecurityCryptographyXmlVersion>
     <MicrosoftExtensionsLoggingVersion>$(NetNineRuntimeVersion)</MicrosoftExtensionsLoggingVersion>
+    <MicrosoftExtensionsLoggingAbstractionsVersion>$(NetNineRuntimeVersion)</MicrosoftExtensionsLoggingAbstractionsVersion>
     <MicrosoftExtensionsConfigurationBinderVersion>$(NetNineRuntimeVersion)</MicrosoftExtensionsConfigurationBinderVersion>
     <SystemFormatsAsn1Version>$(NetNineRuntimeVersion)</SystemFormatsAsn1Version>
     <SystemTextJsonVersion>$(NetNineRuntimeVersion)</SystemTextJsonVersion>
@@ -129,6 +149,7 @@
     <SystemSecurityCryptographyPkcsVersion>$(SystemSecurityCryptographyServicingVersion)</SystemSecurityCryptographyPkcsVersion>
     <SystemSecurityCryptographyXmlVersion>$(SystemSecurityCryptographyServicingVersion)</SystemSecurityCryptographyXmlVersion>
     <MicrosoftExtensionsLoggingVersion>$(NetTenRuntimeVersion)</MicrosoftExtensionsLoggingVersion>
+    <MicrosoftExtensionsLoggingAbstractionsVersion>$(NetTenRuntimeVersion)</MicrosoftExtensionsLoggingAbstractionsVersion>
     <MicrosoftExtensionsConfigurationBinderVersion>$(NetTenRuntimeVersion)</MicrosoftExtensionsConfigurationBinderVersion>
     <SystemFormatsAsn1Version>$(NetTenRuntimeVersion)</SystemFormatsAsn1Version>
     <SystemTextJsonVersion>$(NetTenRuntimeVersion)</SystemTextJsonVersion>
@@ -139,36 +160,19 @@
     <MicrosoftAspNetCoreAuthenticationJwtBearerVersion>8.0.0</MicrosoftAspNetCoreAuthenticationJwtBearerVersion>
     <MicrosoftAspNetCoreAuthenticationOpenIdConnectVersion>8.0.0</MicrosoftAspNetCoreAuthenticationOpenIdConnectVersion>
     <MicrosoftExtensionsCachingMemoryVersion>8.0.1</MicrosoftExtensionsCachingMemoryVersion>
-    <MicrosoftExtensionsHostingVersion>8.0.0</MicrosoftExtensionsHostingVersion>
     <MicrosoftAspNetCoreDataProtectionVersion>8.0.1</MicrosoftAspNetCoreDataProtectionVersion>
     <SystemSecurityCryptographyPkcsVersion>8.0.1</SystemSecurityCryptographyPkcsVersion>
     <SystemSecurityCryptographyXmlVersion>8.0.3</SystemSecurityCryptographyXmlVersion>
-    <MicrosoftExtensionsLoggingVersion>8.0.0</MicrosoftExtensionsLoggingVersion>
     <SystemTextEncodingsWebVersion>8.0.0</SystemTextEncodingsWebVersion>
-    <MicrosoftExtensionsConfigurationBinderVersion>8.0.0</MicrosoftExtensionsConfigurationBinderVersion>
-    <MicrosoftExtensionsDependencyInjectionVersion>8.0.0</MicrosoftExtensionsDependencyInjectionVersion>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(TargetFramework)' == 'net462'">
     <MicrosoftAspNetCoreAuthenticationJwtBearerVersion>6.0.0-*</MicrosoftAspNetCoreAuthenticationJwtBearerVersion>
     <MicrosoftAspNetCoreAuthenticationOpenIdConnectVersion>6.0.0-*</MicrosoftAspNetCoreAuthenticationOpenIdConnectVersion>
-    <MicrosoftExtensionsCachingMemoryVersion>6.0.2</MicrosoftExtensionsCachingMemoryVersion>
-    <!-- Microsoft.Extensions.* 5.* are obsoleted -->
-    <MicrosoftExtensionsHostingVersion>6.0.0</MicrosoftExtensionsHostingVersion>
-    <MicrosoftExtensionsHttpVersion>3.1.3</MicrosoftExtensionsHttpVersion>
     <MicrosoftAspNetCoreDataProtectionVersion>6.0.0</MicrosoftAspNetCoreDataProtectionVersion>
     <SystemSecurityCryptographyPkcsVersion>7.0.2</SystemSecurityCryptographyPkcsVersion>
     <SystemSecurityCryptographyXmlVersion>6.0.1</SystemSecurityCryptographyXmlVersion>
-
-    <!-- CVE-2022-34716 due to DataProtection 5.0.8 -->
     <SystemTextEncodingsWebVersion>6.0.0</SystemTextEncodingsWebVersion>
-
-    <!-- 6.0.0 as 5.x are deprecated -->
-    <MicrosoftExtensionsLoggingVersion>6.0.0</MicrosoftExtensionsLoggingVersion>
-
-    <!-- Microsoft.Extensions.Configuration.Binder 6.* are obsoleted -->
-    <MicrosoftExtensionsConfigurationBinderVersion>6.0.0</MicrosoftExtensionsConfigurationBinderVersion>
-    <MicrosoftExtensionsDependencyInjectionVersion>2.1.0</MicrosoftExtensionsDependencyInjectionVersion>
   </PropertyGroup>
 
   <PropertyGroup Condition="'$(TargetFramework)' == 'netstandard2.0' Or '$(TargetFramework)' == 'net472'">
@@ -176,13 +180,6 @@
     <!-- CVE-2022-34716 due to DataProtection 2.1.0 -->
     <SystemSecurityCryptographyPkcsVersion>7.0.2</SystemSecurityCryptographyPkcsVersion>
     <SystemSecurityCryptographyXmlVersion>4.7.1</SystemSecurityCryptographyXmlVersion>
-    <MicrosoftExtensionsLoggingVersion>4.7.1</MicrosoftExtensionsLoggingVersion>
-    <MicrosoftExtensionsCachingMemoryVersion>2.1.0</MicrosoftExtensionsCachingMemoryVersion>
-    <MicrosoftExtensionsHostingVersion>2.1.1</MicrosoftExtensionsHostingVersion>
-    <MicrosoftExtensionsHttpVersion>3.1.3</MicrosoftExtensionsHttpVersion>
-    <MicrosoftExtensionsLoggingVersion>2.1.0</MicrosoftExtensionsLoggingVersion>
-    <MicrosoftExtensionsDependencyInjectionVersion>2.1.0</MicrosoftExtensionsDependencyInjectionVersion>
-    <MicrosoftExtensionsConfigurationBinderVersion>2.1.0</MicrosoftExtensionsConfigurationBinderVersion>
   </PropertyGroup>
 
   <ItemGroup>
diff --git a/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs b/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs
index 1c83b0e19..030366ca6 100644
--- a/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs
+++ b/src/Microsoft.Identity.Web.Certificate/KeyVaultCertificateLoader.cs
@@ -66,7 +66,6 @@ public async Task LoadIfNeededAsync(CredentialDescription credentialDescription,
                     ExcludeAzureDeveloperCliCredential = true,
                     ExcludeAzurePowerShellCredential = true,
                     ExcludeInteractiveBrowserCredential = true,
-                    ExcludeSharedTokenCacheCredential = true,
                     ExcludeVisualStudioCodeCredential = true,
                     ExcludeVisualStudioCredential = true
                 };
diff --git a/src/Microsoft.Identity.Web.Certificate/Microsoft.Identity.Web.Certificate.csproj b/src/Microsoft.Identity.Web.Certificate/Microsoft.Identity.Web.Certificate.csproj
index 6e523448b..017f6e4a7 100644
--- a/src/Microsoft.Identity.Web.Certificate/Microsoft.Identity.Web.Certificate.csproj
+++ b/src/Microsoft.Identity.Web.Certificate/Microsoft.Identity.Web.Certificate.csproj
@@ -18,7 +18,7 @@
     <PackageReference Include="Azure.Security.KeyVault.Secrets" Version="$(AzureSecurityKeyVaultSecretsVersion)" />
     <PackageReference Include="Azure.Identity" Version="$(AzureIdentityVersion)" />
     <PackageReference Include="Azure.Security.KeyVault.Certificates" Version="$(AzureSecurityKeyVaultCertificatesVersion)" />
-    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="$(MicrosoftExtensionsLoggingVersion)" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="$(MicrosoftExtensionsLoggingAbstractionsVersion)" />
     <PackageReference Include="Microsoft.Identity.Abstractions" Version="$(MicrosoftIdentityAbstractionsVersion)" />
   </ItemGroup>
 
diff --git a/src/Microsoft.Identity.Web.Certificateless/ManagedIdentityClientAssertion.cs b/src/Microsoft.Identity.Web.Certificateless/ManagedIdentityClientAssertion.cs
index a049e3499..55ca81ff4 100644
--- a/src/Microsoft.Identity.Web.Certificateless/ManagedIdentityClientAssertion.cs
+++ b/src/Microsoft.Identity.Web.Certificateless/ManagedIdentityClientAssertion.cs
@@ -138,6 +138,11 @@ private void Log(
           string message,
           bool containsPii)
         {
+            if (_logger == null)
+            {
+                return;
+            }
+
             switch (level)
             {
                 case Client.LogLevel.Always:
diff --git a/src/Microsoft.Identity.Web.Certificateless/Microsoft.Identity.Web.Certificateless.csproj b/src/Microsoft.Identity.Web.Certificateless/Microsoft.Identity.Web.Certificateless.csproj
index 6ae20a75b..72c39b7c3 100644
--- a/src/Microsoft.Identity.Web.Certificateless/Microsoft.Identity.Web.Certificateless.csproj
+++ b/src/Microsoft.Identity.Web.Certificateless/Microsoft.Identity.Web.Certificateless.csproj
@@ -19,7 +19,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="$(MicrosoftExtensionsLoggingVersion)" />
+    <PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="$(MicrosoftExtensionsLoggingAbstractionsVersion)" />
     <PackageReference Include="Microsoft.IdentityModel.JsonWebTokens " Version="$(MicrosoftIdentityModelVersion)" />
     <PackageReference Include="Microsoft.Identity.Client" Version="$(MicrosoftIdentityClientVersion)" />
   </ItemGroup>
diff --git a/src/Microsoft.Identity.Web.DownstreamApi/DownstreamApi.cs b/src/Microsoft.Identity.Web.DownstreamApi/DownstreamApi.cs
index 8d6e97b2f..4fbe5525c 100644
--- a/src/Microsoft.Identity.Web.DownstreamApi/DownstreamApi.cs
+++ b/src/Microsoft.Identity.Web.DownstreamApi/DownstreamApi.cs
@@ -604,7 +604,7 @@ public Task<HttpResponseMessage> CallApiForAppAsync(
                 // Otherwise use the default HttpClientFactory with optional named client.
                 HttpClient client = requestResult?.BindingCertificate != null && _msalHttpClientFactory is IMsalMtlsHttpClientFactory msalMtlsHttpClientFactory
                     ? msalMtlsHttpClientFactory.GetHttpClient(requestResult.BindingCertificate)
-                    : (string.IsNullOrEmpty(serviceName) ? _httpClientFactory.CreateClient() : _httpClientFactory.CreateClient(serviceName));
+                    : (string.IsNullOrEmpty(serviceName) ? _httpClientFactory.CreateClient() : _httpClientFactory.CreateClient(serviceName!));
 
                 // Send the HTTP message
                 downstreamApiResult = await client.SendAsync(httpRequestMessage, cancellationToken).ConfigureAwait(false);
diff --git a/src/Microsoft.Identity.Web.OWIN/AppBuilderExtension.cs b/src/Microsoft.Identity.Web.OWIN/AppBuilderExtension.cs
index 43612febd..458625bfa 100644
--- a/src/Microsoft.Identity.Web.OWIN/AppBuilderExtension.cs
+++ b/src/Microsoft.Identity.Web.OWIN/AppBuilderExtension.cs
@@ -62,10 +62,10 @@ public static IAppBuilder AddMicrosoftIdentityWebApi(
                     configuration?.GetSection(configurationSection).Bind(option);
                 }));
 
-            string instance = configuration.GetValue<string>($"{configurationSection}:Instance");
-            string tenantId = configuration.GetValue<string>($"{configurationSection}:TenantId");
-            string clientId = configuration.GetValue<string>($"{configurationSection}:ClientId");
-            string audience = configuration.GetValue<string>($"{configurationSection}:Audience");
+            string? instance = configuration.GetValue<string>($"{configurationSection}:Instance");
+            string? tenantId = configuration.GetValue<string>($"{configurationSection}:TenantId");
+            string? clientId = configuration.GetValue<string>($"{configurationSection}:ClientId");
+            string? audience = configuration.GetValue<string>($"{configurationSection}:Audience");
             string authority = instance + tenantId + "/v2.0";
             TokenValidationParameters tokenValidationParameters = new()
             {
@@ -121,10 +121,10 @@ public static IAppBuilder AddMicrosoftIdentityWebApp(
                     configuration?.GetSection(configurationSection).Bind(option);
                 }));
 
-            string instance = configuration.GetValue<string>($"{configurationSection}:Instance");
-            string tenantId = configuration.GetValue<string>($"{configurationSection}:TenantId");
-            string clientId = configuration.GetValue<string>($"{configurationSection}:ClientId");
-            string postLogoutRedirectUri = configuration.GetValue<string>($"{configurationSection}:SignedOutCallbackPath");
+            string? instance = configuration.GetValue<string>($"{configurationSection}:Instance");
+            string? tenantId = configuration.GetValue<string>($"{configurationSection}:TenantId");
+            string? clientId = configuration.GetValue<string>($"{configurationSection}:ClientId");
+            string? postLogoutRedirectUri = configuration.GetValue<string>($"{configurationSection}:SignedOutCallbackPath");
             string authority = instance + tenantId + "/v2.0";
 
             OpenIdConnectAuthenticationOptions options = new()
diff --git a/src/Microsoft.Identity.Web.OWIN/Microsoft.Identity.Web.OWIN.csproj b/src/Microsoft.Identity.Web.OWIN/Microsoft.Identity.Web.OWIN.csproj
index 10156957c..a7c2d2a2b 100644
--- a/src/Microsoft.Identity.Web.OWIN/Microsoft.Identity.Web.OWIN.csproj
+++ b/src/Microsoft.Identity.Web.OWIN/Microsoft.Identity.Web.OWIN.csproj
@@ -23,8 +23,8 @@
     </None>
   </ItemGroup>
   <ItemGroup>
-   <PackageReference Include="Microsoft.Extensions.Configuration" Version="3.1.24" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="3.1.24" />
+   <PackageReference Include="Microsoft.Extensions.Configuration" Version="$(MicrosoftExtensionsConfigurationVersion)" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="$(MicrosoftExtensionsConfigurationJsonVersion)" />
     <PackageReference Include="Microsoft.Extensions.Http" Version="$(MicrosoftExtensionsHttpVersion)" />
     <PackageReference Include="Microsoft.Graph" Version="$(MicrosoftGraphVersion)" />
     <PackageReference Include="Microsoft.IdentityModel.Logging" Version="$(MicrosoftIdentityModelVersion)" />
@@ -48,5 +48,5 @@
     <AdditionalFiles Include="PublicAPI\PublicAPI.Shipped.txt" />
     <AdditionalFiles Include="PublicAPI\PublicAPI.Unshipped.txt" />
   </ItemGroup>
-  
+
 </Project>
diff --git a/src/Microsoft.Identity.Web.OWIN/OwinTokenAcquirerFactory.cs b/src/Microsoft.Identity.Web.OWIN/OwinTokenAcquirerFactory.cs
index 1e6de0372..a6219c4af 100644
--- a/src/Microsoft.Identity.Web.OWIN/OwinTokenAcquirerFactory.cs
+++ b/src/Microsoft.Identity.Web.OWIN/OwinTokenAcquirerFactory.cs
@@ -25,15 +25,15 @@ public class OwinTokenAcquirerFactory : TokenAcquirerFactory
         /// <returns></returns>
         protected override string DefineConfiguration(IConfigurationBuilder builder)
         {
-            _ = builder.AddInMemoryCollection(new Dictionary<string, string>()
+            _ = builder.AddInMemoryCollection(new Dictionary<string, string?>()
             {
-                ["AzureAd:Instance"] = EnsureTrailingSlash(ConfigurationManager.AppSettings["ida:Instance"] ?? ConfigurationManager.AppSettings["ida:AADInstance"] ?? "https://login.microsoftonline.com/"),
-                ["AzureAd:ClientId"] = ConfigurationManager.AppSettings["ida:ClientId"],
-                ["AzureAd:TenantId"] = ConfigurationManager.AppSettings["ida:Tenant"] ?? ConfigurationManager.AppSettings["ida:TenantId"],
-                ["AzureAd:Audience"] = ConfigurationManager.AppSettings["ida:Audience"],
-                ["AzureAd:ClientSecret"] = ConfigurationManager.AppSettings["ida:ClientSecret"],
-                ["AzureAd:SignedOutCallbackPath"] = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"],
-                ["AzureAd:RedirectUri"] = ConfigurationManager.AppSettings["ida:RedirectUri"],
+                ["AzureAd:Instance"] = EnsureTrailingSlash(System.Configuration.ConfigurationManager.AppSettings["ida:Instance"] ?? System.Configuration.ConfigurationManager.AppSettings["ida:AADInstance"] ?? "https://login.microsoftonline.com/"),
+                ["AzureAd:ClientId"] = System.Configuration.ConfigurationManager.AppSettings["ida:ClientId"],
+                ["AzureAd:TenantId"] = System.Configuration.ConfigurationManager.AppSettings["ida:Tenant"] ?? System.Configuration.ConfigurationManager.AppSettings["ida:TenantId"],
+                ["AzureAd:Audience"] = System.Configuration.ConfigurationManager.AppSettings["ida:Audience"],
+                ["AzureAd:ClientSecret"] = System.Configuration.ConfigurationManager.AppSettings["ida:ClientSecret"],
+                ["AzureAd:SignedOutCallbackPath"] = System.Configuration.ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"],
+                ["AzureAd:RedirectUri"] = System.Configuration.ConfigurationManager.AppSettings["ida:RedirectUri"],
             });
 
             return HostingEnvironment.MapPath("~/");
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/Microsoft.Identity.Web.TokenAcquisition.csproj b/src/Microsoft.Identity.Web.TokenAcquisition/Microsoft.Identity.Web.TokenAcquisition.csproj
index 99d0c76a6..8d99aad46 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/Microsoft.Identity.Web.TokenAcquisition.csproj
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/Microsoft.Identity.Web.TokenAcquisition.csproj
@@ -25,7 +25,7 @@
   <ItemGroup Condition="'$(TargetFrameworkIdentifier)' == '.NETFramework' Or '$(TargetFramework)' == 'netstandard2.0'">
     <PackageReference Include="Microsoft.Extensions.Configuration.EnvironmentVariables" Version="$(MicrosoftExtensionsConfigurationBinderVersion)" />
     <PackageReference Include="Microsoft.Extensions.Http" Version="$(MicrosoftExtensionsHttpVersion)" />
-    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="3.1.0" />
+    <PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="$(MicrosoftExtensionsConfigurationJsonVersion)" />
   </ItemGroup>
 
   <ItemGroup>
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/ConfidentialClientApplicationOptionsMerger.cs b/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/ConfidentialClientApplicationOptionsMerger.cs
index 017748a51..41bcb2f2b 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/ConfidentialClientApplicationOptionsMerger.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/ConfidentialClientApplicationOptionsMerger.cs
@@ -16,11 +16,7 @@ public ConfidentialClientApplicationOptionsMerger(IMergedOptionsStore mergedOpti
         private readonly IMergedOptionsStore _mergedOptionsMonitor;
 
         public void PostConfigure(
-#if NET7_0_OR_GREATER
             string? name,
-#else
-            string name,
-#endif
             ConfidentialClientApplicationOptions options)
         {
             MergedOptions.UpdateMergedOptionsFromConfidentialClientApplicationOptions(options, _mergedOptionsMonitor.Get(name ?? string.Empty));
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftAuthenticationOptionsMerger.cs b/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftAuthenticationOptionsMerger.cs
index f68f5f37f..e4a2ddc5c 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftAuthenticationOptionsMerger.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftAuthenticationOptionsMerger.cs
@@ -21,11 +21,7 @@ public MicrosoftIdentityApplicationOptionsMerger(IMergedOptionsStore mergedOptio
         private readonly IMergedOptionsStore _mergedOptionsMonitor;
 
         public void PostConfigure(
-#if NET7_0_OR_GREATER
             string? name,
-#else
-            string name,
-#endif            
             MicrosoftIdentityApplicationOptions options)
         {
             MergedOptions.UpdateMergedOptionsFromMicrosoftIdentityApplicationOptions(options, _mergedOptionsMonitor.Get(name ?? string.Empty));
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftIdentityOptionsMerger.cs b/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftIdentityOptionsMerger.cs
index e01729302..27d8b14ee 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftIdentityOptionsMerger.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/OptionsMergers/MicrosoftIdentityOptionsMerger.cs
@@ -20,11 +20,7 @@ public MicrosoftIdentityOptionsMerger(IMergedOptionsStore mergedOptions)
         private readonly IMergedOptionsStore _mergedOptionsMonitor;
 
         public void PostConfigure(
-#if NET7_0_OR_GREATER
             string? name,
-#else
-            string name,
-#endif
             MicrosoftIdentityOptions options)
         {
             MergedOptions.UpdateMergedOptionsFromMicrosoftIdentityOptions(options, _mergedOptionsMonitor.Get(name ?? string.Empty));
diff --git a/tests/Microsoft.Identity.Web.Test/CacheEncryptionTests.cs b/tests/Microsoft.Identity.Web.Test/CacheEncryptionTests.cs
index 66a468ae4..7748f3c8b 100644
--- a/tests/Microsoft.Identity.Web.Test/CacheEncryptionTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/CacheEncryptionTests.cs
@@ -51,7 +51,7 @@ public async Task EncryptionTestAsync(bool isEncrypted)
         private byte[] GetFirstCacheValue(MemoryCache memoryCache)
         {
             IDictionary memoryCacheContent;
-# if NET6_0 || NET462
+# if NET6_0
             memoryCacheContent = (memoryCache
                 .GetType()
                 .GetProperty("StringKeyEntriesCollection", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic)!
@@ -85,10 +85,15 @@ private byte[] GetFirstCacheValue(MemoryCache memoryCache)
                 .GetField("_stringEntries", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic)
                 .GetValue(content1) as IDictionary)!;
 #else
-            memoryCacheContent = (memoryCache
+            // MemoryCache 8.0.x on .NET Framework uses the same internal structure as net8.0
+            dynamic content1 = memoryCache
                 .GetType()
-                .GetField("_entries", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic)!
-                .GetValue(_testCacheAdapter!._memoryCache) as IDictionary)!;
+                .GetField("_coherentState", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic)!
+                .GetValue(memoryCache)!;
+            memoryCacheContent = (content1?
+                .GetType()
+                .GetField("_stringEntries", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic)
+                .GetValue(content1) as IDictionary)!;
 #endif // NET472
             var firstEntry = memoryCacheContent.Values.OfType<object>().First();
             var firstEntryValue = firstEntry.GetType()
diff --git a/tests/Microsoft.Identity.Web.Test/Microsoft.Identity.Web.Test.csproj b/tests/Microsoft.Identity.Web.Test/Microsoft.Identity.Web.Test.csproj
index da7c39597..c097ddc28 100644
--- a/tests/Microsoft.Identity.Web.Test/Microsoft.Identity.Web.Test.csproj
+++ b/tests/Microsoft.Identity.Web.Test/Microsoft.Identity.Web.Test.csproj
@@ -40,8 +40,7 @@
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFramework)' == 'net472'">
-    <!-- Special need for Microsoft.Extensions.Hosting.Host which is only available from 3.1-->
-    <PackageReference Include="Microsoft.Extensions.Hosting" Version="3.1" />
+    <PackageReference Include="Microsoft.Extensions.Hosting" Version="$(MicrosoftExtensionsHostingVersion)" />
   </ItemGroup>
 
   <ItemGroup Condition="'$(TargetFrameworkIdentifier)' == '.NETFramework'">