Category Archives: Uncategorized

Patch Tuesday Updates Include 3 Critical TCP/IP Fixes

Although I think MS calls it Update Tuesday now, Patch Tuesday is the second Tuesday of each month. It’s the usual time when MS releases monthly updates, including security patches and fixes. This latest batch, released yesterday, includes some important stuff. These Patch Tuesday Updates include 3 critical TCP/IP fixes, according to BleepingComputer among other sources. They join MS In urging organizations to update them sooner rather than later.

Patch Tuesday Updates Include 3 Critical TCP/IP Fixes: Relevant CVEs

These vulnerabilities affect all Windows client and server versions starting at Windows 7/Server 2008 and up to present-day, current versions. The relevant CVEs are: CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. Each one may be exploited remotely. Two of them could lead to remote code execution (RCE) attacks. The third offers a means to crash an exposed Windows PC, offering a potential denial-of-service attack vector.

All three show February 9 release dates, which also makes them zero-day exploits as well. They also pose low attack complexity, which makes them easy for malefactors to foist. All require no privileges to launch which only increases their danger levels.

Who’s Covered By Patch Tuesday Updates?

Only older versions of Windows client and server OSes need to download and install their corresponding  Monthly Security Rollups (Server 2008, Server 2012, Server 2012 R2, Windows 7 SP1). Check the afore-linked Security Bulletins (shown above as CVE links) for Microsoft Catalog download links. Other client and server versions can get their updates through normal channels, including Windows Update.

Don’t delay, dear readers. These updates are better installed than not, especially for any Windows PCs directly exposed to the Internet.




Understanding What 2004 Broad Deployment Means

On February 3, an interesting note appeared in the latest Windows 10 Status bulletin. To truly make sense of its import requires understanding what 2004 broad deployment means. Here’s a key snippet:

Current status as of February 3, 2021
Windows 10, version 2004 is designated for broad deployment. The recommended servicing status is Semi-Annual Channel.

Again: Understanding What 2004 Broad Deployment Means

The phrase “broad deployment” is addressed in code in the phrase “servicing status is Semi-Annual Channel.” I’d translate it as “ready for nearly everybody and anybody .” Microsoft displays a more specific view of this in a DOCs article. It’s entitled Assign devices to servicing channels for Windows 10 update. In fact, that article supplies the table shown as the lead-in graphic above.

Another quote that heads the foregoing table is pretty explicit about who should get which release channel:

The Semi-Annual Channel is the default servicing channel for all Windows 10 devices except those with the LTSB edition installed

What does this mean? It means anybody who depends on Windows 10 should run the Semi-Annual Channel release.  To be more specific, that means users at work, at home and at school. Thus,  if you’re not an insider or using an LTSB license, you should be running Windows 10 2004 . That’s the May 2020 release, currently at build

2 Releases Back Reflects Conventional Wisdom

For the longest time, businesses have long followed a pattern of hanging one or two releases back from the leading edge. This goes as far back as I can remember taking Windows seriously. More explicitly, I’d call it “the Windows 3.1/Windows for Workgroups era” (1992-1993).

On the ground, most businesses I visit run 1909 or 2004 these days. With 1909 not coming up on EOL until May 2022, this info from Microsoft is interesting.  Between the lines, read it as a gentle nudge to businesses to start thinking about an upgrade. For sure, that’s sooner than they’d upgrade, if impending EOL were the driving force.

For ordinary users I also read this as sage advice for those who don’t work at Windows leading or bleeding edge. For leading edge, think current release (20H2). That makes the bleeding edge Insider Previews (21H1 and beyond).

Could It Be a Wake-Up for True Laggards?

The true laggards, of course, are those running 1904 or some earlier Windows release. This includes my optometrist, who  I noticed is still on Windows 7 when I had my eyes checked two weeks back. Thus, if you’re not close to the Semi-Annual Channel level on your Windows desktops, it’s time to start planning that transition. I think MS has just given fair warning!


Lenovo X220 Tablet Hits IME Wall

I knew it was coming, but not when. I’ve already retired my Lenovo T520 laptop. I bought them together, so my X220 tablet has the same CPU — an i7-2640M Sandy Bridge– and  a 6 Series/C200 Series chipset. In the wake of the latest Dev Channel (Fast Ring) 21286 Build, this machine is now throwing  Intel Management Engine errors. As the lead-in screencap shows it tells me “ME is in Recovery State.” Then, it hangs until I hit the proverbial “Any Key.” When I say the Lenovo X220 Tablet hits IME wall, I’m really saying it’s too old for the installer. Simply put, Windows 10 apparently doesn’t know what to do with this old hardware any more.

If Lenovo X220 Tablet Hits IME Wall, Then What?

I can keep this machine going for a while yet, but I can tell its days are numbered. Upon investigation, its most current IME drivers and software date to the Windows 8.0 and 8.1 era. And then, there’s this cheery warning on the drivers and software download page for the X220 Tablet:

Key phrases in the warning are “no longer being actively supported” and “available ‘as-is'”. Translation: PC is old, and you’re on your own. [Click image for full-sized view.]

I found some fascinating discussion from others who’ve had this problem with this PC and others of its vintage. The most interesting item is at Bill Morrow’s forum. It prescribes a firmware hack as the best fix, which more or less turns off the Intel Management Engine (more recently renamed to Active Management Technology, or AMT).

To use this approach, I would have to buy a cheap (under US$20) EEPROM burner. Then I’d need to hack the bits for the BIOS myself  (through a Python program named ME_CLEANER).

I’m still chewing on whether or not I really want to do this. I will keep it running as it stands as long as I can, I think. I’ll pass it along to my old buddy Ken Starks at when I can’t upgrade Windows 10 on it anymore. Even with this glitch, by pushing the “Any Key” after each reboot during the Windows 10 install process, I got this machine upgraded to Build 21286. For the time being, I’ll just keep on keeping on until I have to do something else. Stay tuned!


Early One Outlook Screencap Eases Concerns

Following quickly in the wake of news of Microsoft’s Project Monarch, (reported here on Monday), a screencap from an actual user allays some of my fears. Notice the left-hand column in the lead-in screecap for this story. It shows the Archive folder amongst the other Outlook folders present. I take that to mean there is a way to integrate an archive with live, web-based messages in the cloud. Thus, an early One Outlook screencap eases concerns about business use.

Why Early One Outlook Screencap Eases Concerns

The name for the app is currently “One Outlook.” This speaks directly to Microsoft’s desire to assemble all Outlook clients in a single code base. Obviously, they’ve thought about the importance of archives in the Outlook environment. In fact, I’m relieved it shows up in such early intimations of where the app is headed.

My old friend and former Novell colleague, John King, responded to my previous post. He proposed the notion that an archive might  be uploaded to the cloud to remain accessible. I’m not certain. I could see it either way, given that I’m sure I’m not the only person with a 10+GB Outlook archive.pst. Millions of 10GB uploads may be more of a storage load than Azure wants to handle. It may make more sense to build plumbing into the app to access a local archive.

Those details, however, are a long way from being settled. According to, which reported on this phenom and the screencap, One Outlook is unlikely to appear until 2022. Right now, they say, it’s only available to “brave dogfooders” with in-house, internal Microsoft accounts.

Give Me Preview Access, Please

As the app evolves and develops, I sincerely hope that MS will provide more brave dogfooders outside the company with early access. In fact, I’d like to nominate myself among the ranks of “early outside adopters.” I’ll use it on a test machine, for sure, but it could help me further ease my concerns, as I explore its capabilities. For something this central to how I work and live, I hope that’s not too much to ask. Stay tuned: I’ll keep you informed.


Dell 7080 Micro Performance Amazes

Well, shut the front door, please! Just for grins I started running some of my desultory benchmarks and speed tests on the Dell Micro 7080 I just bought to replace the old mini-ITX box. When you see the numbers and screencaps I’ll be sharing in the following ‘graphs, you’ll understand why my title for this item is “Dell 7080 Micro Performance Amazes.”

Why say: Dell 7080 Micro Performance Amazes?

The numbers do not lie. They’re all pretty incredible, too. Here are some start/boot numbers, with the 7080 left and the (much more expensive) P-5550 numbers right:

Table 1: Shutdown, cold Boot, Restart Times
Description Action 7080 Micro P-5550
 Desktop to machine off  Shutdown  7.92 sec  13.02 sec
 Turned off to desktop  Cold boot  10.46 sec  16.01 sec
Desktop to desktop   Restart 21.26 sec  30.01 sec 

Across the board, then, the $1,200 7080 Micro is significantly faster than the $4K-plus Precision 5550 Workstation. Of course, this takes no account of the more expensive unit’s Radeon Pro GPU. The 7080 Micro simply relies on its built-in Intel UHD Graphics 630 circuitry to render bits on its Dell 2717D UltraSharp monitor, and does so reasonably well. But this comparison is unfair to the P-5550 because UHD 630 is not like a dedicated GPU, especially a professional-grade one like the P-5550’s Nvidia Quadro T2000.

But Wait, There’s More…

The CrystalDiskMark results are also mostly faster than those from the P-5550. The lead-in screenshot shows the 7080 Micro’s CDM results. Compare those for the P-5550 and you get the following, where I’ve bolded the best times in each category so you can see that the 7080 Micro beats the P-5550 in 6 out of 8 categories.

Table 2: CrystalDiskMark Comparisons
CDM Label Action 7080 Micro P-5550
 SEQ1M/Q8T1 Read 3364.8 3373.64
   Write  2790.49 2334.67 
 SEQ1M/Q1T1  Read  2147.04 1716.39 
   Write 2800.90   2056.88
 RND4K/Q32T16  Read  1972.38  630.64
   Write  2152.12  358.26
 RND4K/Q1T1  Read  60.54  41.21
   Write  108.21  119.34

I’m particularly impressed with the 4K Random write numbers with queue depth of 32 and thread count of 16, at which the 7080 Micro kills the P-5550 (read is more than 3 times faster; write is more than 6 times faster). With a queue depth and thread counts of 1 each, it’s a split decision: the 7080 Micro is almost 50% faster at reads, and the P-5550 is about 10% faster at writes. Even when the P-5550 comes out ahead it’s by less than 10% in both cases. To me, that puts the 7080 Micro way, way ahead of the P-5550, especially considering the price differential.

Am I happy with my 7080 Micro purchase? So far, heck yes! More to come as I have more time to do benchmarking. This week is jammed up, but maybe Thanksgiving week I’ll find more time. Stay tuned.