KB4096236 security update leads to System.AccessViolationException at HttpWebRequest.GetResponse()

When we install security update KB4096236 on server, our application is randomly crashing with the stack trace below:

Message=Application: w3wp.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at System.Net.UnsafeNclNativeMethods+OSSOCK.recv(IntPtr, Byte*, Int32, System.Net.Sockets.SocketFlags)
   at System.Net.Sockets.Socket.Receive(Byte[], Int32, Int32, System.Net.Sockets.SocketFlags, System.Net.Sockets.SocketError ByRef)
   at System.Net.Sockets.NetworkStream.Read(Byte[], Int32, Int32)
   at System.Net.PooledStream.Read(Byte[], Int32, Int32)
   at System.Net.Connection.SyncRead(System.Net.HttpWebRequest, Boolean, Boolean)
   at System.Net.ConnectStream.ProcessWriteCallDone(System.Net.ConnectionReturnResult)
   at System.Net.ConnectStream.CallDone(System.Net.ConnectionReturnResult)
   at System.Net.ConnectStream.CloseInternal(Boolean, Boolean)
   at System.Net.ConnectStream.System.Net.ICloseEx.CloseEx(System.Net.CloseExState)
   at System.Net.HttpWebRequest.EndWriteHeaders_Part2()
   at System.Net.HttpWebRequest.EndWriteHeaders(Boolean)
   at System.Net.HttpWebRequest.WriteHeadersCallback(System.Net.WebExceptionStatus, System.Net.ConnectStream, Boolean)
   at System.Net.ConnectStream.WriteHeaders(Boolean)
   at System.Net.HttpWebRequest.EndSubmitRequest()
   at System.Net.Connection.SubmitRequest(System.Net.HttpWebRequest, Boolean)
   at System.Net.ServicePoint.SubmitRequest(System.Net.HttpWebRequest, System.String)
   at System.Net.HttpWebRequest.SubmitRequest(System.Net.ServicePoint)
   at System.Net.HttpWebRequest.GetResponse()

Our application worked without any problems before installing KB4096236 update. Here is the part of code where exception is thrown:

        public SKBitmap GetImage(string url)
        {
            SKBitmap image;
            WebRequest request = WebRequest.Create(url);
            request.Timeout = 3000;
            var response = request.GetResponse();

            try
            {
                using (var strm = response.GetResponseStream())
                {
                    image = SKBitmap.Decode(strm);
                }
            }
            finally
            {
                response.Dispose();
            }
            return image;
        }

With KB4096236 update installed, we are able to reproduce application crash using JMeter load tests.

After uninstalling KB4096236 update the problem no longer appears.

Does anyone know why this security update leads to AccessViolationException?