Recommend updating to msquic 2.4.8

[GrabYourPitchforks]

The msquic folks recently released v2.4.8. Though this was not a security release, it does contain some defense-in-depth improvements related to how library load occurs.

Because of this, there's a risk that third-party vulnerability scanners may start to mark versions prior to 2.4.8 as suspicious, and that might cause false positive alerts for our customers. We should get ahead of this by proactively pulling 2.4.8 into our builds. There's no need for us to make a servicing release just for this, but it'd be good to get the update to come along for the ride the next time we have a scheduled servicing release.

Relatedly, .NET 8.0.x currently takes a dependency on msquic v2.3.x. The 2.3.x branch exits support in Sep 2025, well ahead of .NET 8's end of life. We should update the 8.0.x branch to keep ahead of any end-of-life mismatches here.

[dotnet-policy-service]

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.