Category Archives: WED Blog

21H1 Upgrade Offer Frequency Is Increasing

OK, then. This story’s lead-in graphic is showing up on more and more of my production-level Windows 10 PCs. That is, within Windows Update the 21H1 upgrade offer frequency is increasing. My measurements are more subjective than empirical, but it seems like the pace of the trickle-out is a little faster than the transition from 2004 to 20H2.

And given that it’s an enablement package upgrade, the offer is worth waiting on. Before I exercised the offer on my Lenovo X390 Yoga, I worked through the following updates:

All told, that took about 3 minutes to complete. That said, running the MSRT (Malicious Software Removal Tool) always takes a while because it has many checks to perform. In stark contrast, the whole 21H1 process took well under two minutes (about 93 seconds) from start to finish.

If  21H1 Upgrade Offer Frequency Is Increasing, Then What?

That’s up to you, dear reader. For IT pros keeping an eye on new Windows 10 releases for eventual deployment, this one’s worth grabbing and putting through its paces. For home and home office users tracking the current Windows 10 version, ditto. Otherwise, most business users seem content to trail one or two upgrades behind the leading edge. That means they’re thinking about upgrading from 2004 to 20H2, with 21H1 still some ways down the road.

Nevertheless, I’m pleased to see Microsoft picking up the pace on its upgrade offers to 21H1. The last time around, it wasn’t until 90 or 120 days that a more general distribution of the upgrade started happening. I recall reading about “full availability” for 20H2 only last month (May 2021, 5 months after initial general release). This time around it seems that the transition may be quicker and more vigorous.

So far, I still have two machines with the offer yet pending. We’ll see when MS gets around to making those offers. Stay tuned!



Goodbye Lenovo X220 Tablet PC

I’ve just learned something potentially useful. As a Windows PC ages, it tends to lose vendor support somewhere along the way. And with that comes missing or incompatible drivers and firmware updates. I’ve hit that point now with my Lenovo X220 Tablet, which was built and purchased in 2012. It was my first-ever touchscreen PC bought to learn touch interaction in Windows 8. But because of increasing decrepitude, I must now say goodbye Lenovo X220 Tablet PC.

Why Say Goodbye Lenovo X220 Tablet PC?

Why? Because it takes longer for me to get the device update ready than it does to apply pending updates. As it’s been a Dev Channel test machine, that’s a lotta updates. Because this phenom includes Defender updates, it’s become a daily thing. Sigh.

I’ve developed a “workaround ritual” to keep the machine updated. First, I try WU by itself. Sometimes, it works. When only Defender updates fail, I next go to the updates button in Windows Security/Virus & Threat protection. If that doesn’t work, I manually download the latest update file and install it “by hand.”

If other updates are involved, I try WUMT. It often succeeds when WU hangs during either download or install phases. Sometimes, I have to reset the entire update environment using Shawn Brink’s Reset_Reregister_Windows_Update_Components.bat file. It’s nearly infallible.

Another problem that’s cropped up is the outright failure of the Intel Management Engine on that PC. I’m not especially worried about that, per se, but this does mean that I must remember to manually strike a key each time the system reboots (and it does so 3 or more times each time any upgrade is installed, which happens weekly on a Dev Channel test machine). Otherwise the system just waits for input before it can proceed further.

When It’s Time, It’s Time…

Long story short, it’s become too time-consuming to work around the X220 Tablet’s limitations and gotchas. I still love this machine, but as a freelancer I always have to keep one eye on the clock and manage my time carefully. This laptop is now more trouble than it’s worth, so I’ll be passing it onto the folks at ReGlue for a wipe and a LInux install. Some schoolkid will still get good use out of its 4-core/8 thread i7 2640M CPU, dual (small) SSDs, and 16 GB RAM.



Pondering IME Recovery State Issues

OK, then. First let me explain that IME is short for Intel Management Engine. This firmware component is present on all modern PCs with Intel CPUs since 2008. It operates while the OS is active, and IME also runs during boot-up. In fact, IME is accessible even when a PC is shut down or sleeping, as long as power is available. I’m pondering IME recovery state issues for one reason. My 2012-vintage Lenovo X220 Tablet hangs at every restart to report that “ME is in a recovery state.” I must enter a keystroke before boot-up continues.

I’m learning that IME has deep access on any Windows PC where it resides. For more details, check out the Wikipedia article Intel Management Engine.

Why I’m Pondering IME Recovery State Issues

Fixing this issue on my old Lenovo touchscreen PC is proving nearly impossible. Check out this Win-RAID forum thread on ME Cleaner (a management engine cleanup tool). Hopefully, you’ll get a sense of what contortions removing IME entail. Long story short: some real BIOS hacking, with no guarantee of success, is required to disable (or remove) IME at the BIOS level. Sheesh!

The lead-in graphic for this story comes from Intel’s Converged Security and Management Engine Version Detection Tool (CSMEVDT). For the X220 Tablet, it shows that the system is no longer supported (no surprise there, considering its age). No new releases planned, either…

Increasing Horror Results When Pondering IME

In fact, the more I learn about the Intel Management Engine, the more disturbed I become. The Wikipedia article (cited above) does a good job of hitting the high points. What I learned from direct experience on my X220 Tablet is also scary. It goes so far as to speculate that state-level threat actors have been actively seeking out IME exploits for over a decade.

But alas, even after disabling IME in BIOS, the Recovery State error continues. At least the related driver error for “Serial Over LAN” (SOL) access no longer appears in Device Manager.

For the moment, I’m against making BIOS hacks. I’m pretty sure that the absence the SOL driver means IME can no longer access the network. But gosh, this is a scary set of security vulnerabilities to contemplate. Indeed, the rest of my Intel-based systems have IME “working properly.” That’s where my real concerns begin. I’ll have to make sure to patch them all, pronto!


Windows 11 Rumors Swirl Bemusingly

In the past week, there’s been a flurry of rumors around Windows. Indeed, Microsoft will announce a “what’s next” for Windows at an upcoming live-stream event scheduled for June 24. The lead-in graphic for this story comes from the illustration just below the invitation text. That text reads (in part) “Join us to see what’s next for Windows … 06.24.21 at 11 a.m. Eastern Time” Notice the light passing through the window (below) is missing the crossbar above. This simple discrepancy has swept the Internet, as Windows 11 rumors swirl bemusingly.

What Makes Windows 11 Rumors Swirl Bemusingly?

The two bars of light beneath the Window could represent the number 11, to those inclined to find signifance therein. Leaks reproduced in sites like cite references from usually well-informed sources to confirm the 11 numbering (or nomenclature).

Am I onboard for such speculation? Maybe I’ve been following Windows for too long now. I just can’t get too excited about the idea of an “increment by 1” operation on the current Windows major version number. Given that the same breathless sources positing such an increment is inevitable also say “Windows 11 uses the same code base as Windows 10,” it doesn’t seem like a seismic shift of any sort to me.

We Still Don’t Know Enough …

Sure, Satya Nadella said at Build 2021 that “one of the most significant updates to Windows of the past decade” was in the offing. He also referred to it (as has Panos Panay, the guy now in charge of Windows development as MS) as “the next generation of Windows.” But what does it really mean when Nadella goes on to say:

We will create more opportunity for every Windows developer today and welcome every creator who is looking for the most innovative, new, open platform to build and distribute and monetize applications.

Answer: we’ll find out more on June 24 when the livestream event goes down. In meantime ask yourself how much difference a different version number will make? Frankly, I’m more interesting in learning whether or not moving from old to new versions will be free (as it was from 7 to 8 to 8.1 to 10) or require purchasing a new license? Hopefully, we’ll find out. Stay tuned!


Living with the Lenovo ThinkPad X12

It’s been nearly a month since the brand-new ThinkPad X12 showed up at my front door. Since then, I’ve used it for a variety of everyday computing tasks, including writing stories, conducting research, tuning and tweaking, and more. As I’ve gotten to know it better, I’ve come to like it better as well. It’s not exactly perfect, but it’s not bad, either. In fact, living with the Lenovo ThinkPad X12 has been a mostly positive experience.

It’s Good, Living with the Lenovo ThinkPad X12

Here’s what this machine brings to its users:

CPU: 11th Gen i7-1180G7 (formerly Tiger Lake; 4 cores/8 threads; 12 MB Intel Smart Cache; max frequency: 4.6 GHz)
RAM: 16 GB (neither Speccy nor CPU-Z will tell me anything about the soldered-in RAM in this unit: interesting! The product page shows it as LPDDR4X 4266MHz.)
Graphics: Intel Iris Xe Graphics
Display: 12.3″ FHD 1920×1280 anti-reflective touchscreen 400 nits: bright and readable enough for me
SSD: Western Digital SN530 SDBPMPZ-1T00-1001 NVMe PCIe Gen3 x4 interface 1TB capacity (nominal: 953 actual)
Wi-Fi: Intel Wi-Fi 6 AX-201 160MHz adapter
Keyboard deck with fingerprint reader, pen/stylus included in purchase

Right now, the purchase price for an identically configured unit at the Lenovo website is US$1,570.00 (Memorial Day sale price). There is one kicker though: the site says “ships in 4+ months…delay due to COVID-19 global pandemic.” Ouch!

What I Like About the ThinkPad X12

This four-core/eight-thread mobile CPU is surprisingly fast and capable. Hooked up to a Thunderbolt 3 dock, I get access to added storage, wired GbE (if I want it), and more than enough wattage to charge its battery nicely. The Wi-Fi 6 adapter is amazingly peppy: I just got 640-plus Mbps from Ookla Speedtest to my nominal GbE Spectrum connection. It’s almost as fast as GbE, and sometimes I don’t even notice it’s connected wirelessly.

Battery life is great, too. I routinely got 10 hours or better when using the device untethered. Such use involved mostly reading Kindle eBooks, light-duty e-mail checks and web surfing, and watching an occasional video. It’s much better than my old (2014 vintage) Surface Pro 3, on which I’m lucky to get 4 hours of battery life.

It’s especially cool that Lenovo includes the keyboard cover (with fingerprint reader) and a pen/stylus as part of the purchase package. MS still charges separately for those, to the tune of US$150-200, depending on deals and options.

What Don’t I Like About the ThinkPad X12?

Not a whole lot actually. That said, I was surprised at the relatively slower speeds from its Western Digital SSD. Check out the CrystalDiskMark results from the X12 (left) vs. my 2018 vintage X1 Extreme, with a Samsung OEM 1 TB SSD. Makes me wish Lenovo had picked a bit more expensive SSD for the X12 .

Living with the Lenovo ThinkPad X12.CDM-compare

X12 CrystalDiskMark 8 left, X1 Extreme right.
[Click image for full-sized view.]

Other negatives are mostly minor. There’s no microSD or SD card slot for flash media. The unit sports 2 USB-C/Thunderbolt 4 ports, but no USB-A (or other ports, except an RCA mini-jack for audio). The built-in speakers are fairly flat and lacking in power and the front and rear cameras relatively low in resolution and visual fidelity. For me, none of this is a big issue, nor a deal-breaker.

I wanted something more affordable, a bit faster, and with better battery life to replace my aging Surface Pro 3. For my needs, especially for reading eBooks in bed, the ThinkPad X12 is a winner.  It’s as close to an iPad with real PC capabilities as I’ve ever come. IMO, it’s worth taking seriously. If it fits your needs like it does mine, it’s worth buying, too.


Identifying Windows 10 Mystery Startup Items

Here’s something new and helpful about working with Task Manager. Take a look at this story’s lead-in graphic. It shows you can right-click any column header in Task Manager’s Startup tab, to see a pick list of columns (checked items). Add the “Startup type” and “Command line” items, and learn more about the startup entries they describe. In fact, they helped me with identifying Windows 10 mystery startup items on my production PC.

Identifying Windows 10 Mystery Startup Items.program

When a generic “Program” entry showed up in Startup items, adding fields let me see where it was coming from.
[Click item for full-sized view: see top table entry.]

How-to: Identifying Windows 10 Mystery Startup Items

The “Startup type” tells you where the directive comes from. For “Program” it came from the Registry. Better still, Command line data tells you what Startup executes as Windows 10 gets up and running. The particular instruction is malformed and can’t work:

"C:\Program" Files\Teams Installer\Teams.exe --checkinstall --source=default

The closing double quote is misplaced (it should be at the end of the line). Also the directory path referenced in the command does not actually exist on the PC in which this Registry entry resides.

What did I do about this spurious startup item? I cheerfully disabled it. Indeed, that means there’s an orphaned key-value pair in my registry. I can live with that. I do intend to report it via the Feedback Hub, because it definitely includes a syntax error (the misplaced closing double quote). Otherwise, though, it’s no big deal and I’m satisfied to disable it.

[NOTE} Here’s a shout-out to WinHelpOnline, whose story What is “Program” in Task Manager Startup Tab helped me understand my mystery item. It’s worth reading in its entirety for those who want to learn further details about what’s going on, and how to remove related orphaned registry items.


Old PC Shows Interesting Update Behaviors

I’m still running my 2012 vintage Lenovo X220 Tablet. It’s so old, it’s got an Ivy Bridge CPU (i7-2640M). I’ve been getting signs for the past year or so that this PC is nearing obsolescence. For one thing, the Intel Management Engine always comes up in a “recovery state” which I’ve learned means the related firmware is no longer working. In the past month or so, this old PC shows interesting update behaviors. That means it often hangs during update downloads at 0% complete, especially for Windows Defender Security Intelligence updates. Take a look at the lead-in graphic to see what I mean (reproduced below so you can click on it to see all the details).

Old PC Shows Interesting Update Behaviors
Old PC Shows Interesting Update Behaviors

Click on image for full-sized view.

What Old PC Shows Interesting Update Behaviors Truly Means

Simply put, Windows Update isn’t working reliably on this PC any more. This has persisted across the last half-dozen or so Dev Channel upgrades. The only way to break the logjam seems to be to bring an old tool into the mix — namely, the Windows Update Management Tool (aka WUMT).

If you look at the lines from that application dated June 2 in the lead-in graphic, you’ll get an idea of what’s going on. Notice, the third line from the top shows Defender update failed from MoUpdateOrchestrator. That’s the native service inside WU that coordinates automatic updates. Next, WUMT itself fails (because I actually launched it AFTER firing off a manual update scan in Windows Security’s Virus & Threat protection). That shows up as Windows Defender under “Applications ID” in the top item, and is the one that succeeded.

What Makes This Update Behavior Interesting?

As you can see in the update history, none of the update agents (apps) always succeeds. Sometimes, MoUpdateOrchestrator (WU itself) works. Ditto for Windows Defender and WUMT. I keep using WUMT, though, because it seems to break the 0% download logjam pretty reliably (even if it doesn’t always end doing the download itself, as the lead-in graphic shows).

I am getting a strong sense that the X220 Tablet is nearing the end of its useful life. That’s because I’m deliberately using it to push the envelope to see how well aging hardware copes with Dev Channel Insider Preview builds. When it becomes more work to troubleshoot and get upgraded, I’ll give this machine to my friends at ReGlue and promote one of my two 2018 vintage Lenovo X380 Yoga PCs into that role. If the X220 Tablet is any indication, they should be good for at least another 6 years or so!


WinGet 1.0 Updates Most Win10 Applications

A production version of the Windows Package Manager “WinGet” made its debut on or about May 26.  You can grab it from GitHub as version v1.0.11451. It offers the remarkable ability to update any Windows 10 applications for which update packages are defined. Running the tool as a test of this capability, I was able to update 7 of 9 applications the tool flagged as outdated. The 8th item was Firefox, which didn’t get updated within WinGet, but was easily handle through its own update facility. The 9th item was the UWP app for Zoom, which I quickly updated from within its own GUI as well. Thus I confirmed for myself that WinGet 1.0 updates most Win10 applications, if not all of them.

What Does WinGet 1.0 Updates Most Win10 Applications Mean?

In the past, I’ve turned to 3rd party tools such as SuMO or PatchMyPC to keep my Windows PCs up-to-date. The most usable version of SuMO costs €20 and up. PatchMyPC is free but somewhat limited in the programs it can recognize and update. So far, WinGet finds — and updates — programs that not even SuMO recognizes (e.g. Strawberry Perl and SpaceDesk). And of course, it’s free for the download from Microsoft’s GitHub repository.

If you look at the lead-in graphic for this story, you’ll see the command syntax to ask WinGet to list programs for which it knows upgrades are available. That syntax is simple:

WinGet upgrade

does the trick. If you want to actually run those upgrades, you need only add --all to the preceding command to fire it off (note the double dashes that precede the word all). You can see the tool at work in this oversized screencap:

WinGet 1.0 Updates Most Win10 Applications.upgrade-all

WinGet skipped Firefox and Zoom (a UWP app) and owing to my mistake hung up on updating the final item: spacedesk Windows DRIVER.
[Click image for full-sized view.]

The tool hung while trying to update SpaceDesk. This was probably a self-inflicted wound, though, because an earlier Macrium Reflect update did leave a reboot pending to complete its own installation. I had to kill the PowerShell process tree to terminate that apparently never-ending update, thanks to my oversight.

After Restart, All’s Well That Ends Well

And sure enough, after a restart, another round of WinGet upgrade -all took care of the SpaceDesk item. It ran through to completion (and even reset the graphic driver automatically to “make room” for itself). This capability is worth getting to know. I predict some admins will find it eminently capable of keeping up with (most) upgrades on Windows 10 PCs, especially reference image machines for deployment use. Check it out!

What Did WinGet Miss?

To give the Devil his due, I just ran SuMO to see what WinGet’s update check missed. Here’s a list of what it didn’t find (and for which apps, therefore, update packages are presumably needed):
1. CPU-Z
2. SuMO itself
3. Snagit
It just goes to show that none of these tools is absolutely complete, though some are more complete than others. I still like what WinGet does and how it works just fine!


Power Options VM Surprise

It’s been a painful last few days here in Windows World. I’ve been working on a loaner, locked-down machine in connection with a code analysis project. Because that code is protected and valuable intellectual property (IP), I’m able to access its GitHub repository only through a VM running on a hardened and isolated system. Essentially, I have to access the VM through a browser tab set up inside a VPN-accessible secure store. It hasn’t been going too well, either: each time I tried to use the VM and left the machine alone for a while, it would drop its connection. And then, to make things worse, I couldn’t get back in without asking an IT admin to reset the server side of the remote access environment. That’s where  an unwanted and unexepected Power Options VM surprise came into play.

What Is a Power Options VM Surprise?

If you look at the lead-in graphic, you’ll see that one change I make on my Windows PCs post-upgrade or install is to change the sleep interval to “Never.” The default is 30 minutes. Accessing the VM used a commercial VPN into a host server. Then, a remote access client (first RDP, then VNC) connected to the VM itself. For a long time, the firm’s IT guy kept fiddling with RDP settings and such. Eventually he switched to VNC for remote access, thinking it might be an RDP protocol issue at work (or not).

But the disconnect issues kept popping up, where the VM connection would drop when the machine was idle for 30 minutes or more. This finally caused him to investigate the Power Options, where it was immediately obvious the default “sleep after 30 minutes” was the culprit. Resetting the value to my usual preference — that is “Never” — has since fixed things, hopefully for good.

Troubleshooting 101: Don’t Overlook the Obvious

As an outsider with only a regular user account, it wasn’t up to me to mess with default settings on the locked-down machine furnished to me for this project. Ditto for default settings for the VM I was accessing to get into the target code base. But gosh: I have to believe we were looking for complex solutions to a seemingly complex problem. Instead, we should have been looking for simple solutions for a straightforward default settings check.

The moral of this story is not lost on me. I hope it will likewise inspire you to make a checklist when working with VMs, and to put “check default settings” (especially in Power Options) right near the head of that list. Sleep may “knit up the raveled sleeve of care,” as the Immortal Bard put it. But sleep causes all kinds of interesting problems for Windows PC — and now I know, for Windows VMs, too. Funny thing, I’ve learned to make this tweak because I use RDP extensively here at Chez Tittel to get from my production desktop to the 10-plus other PCs usually running around here. I shoulda known…


Build 19041/2/3.1023 Brings News & Interests Mainstream

Normally, many people steer clear of late-in-the month Windows update offerings. That goes double for KB5003214, which is a non-security CU (cumulative update) Preview update. Please let me suggest a reason to over-ride such natural and eminently sensible hesitation. This update brings the News & Interests taskbar/notification area mainstream into current Windows 10 versions 2004, 20H2 and 21H1.

This morning, after installing KB5003214 on my production PC, I had the pleasure of seeing the News & Interests “bug” show up at the right-hand side of the taskbar, like this:

Build 19041/2/3.1023 Brings News & Interests Mainstream.bug

It may not look like much, but you can expand it by clicking, and it’s been a long time coming.

If Build 19041/2/3.1023 Brings News & Interests Mainstream, Install It!

Personally, I’d  been on the B side of Microsoft’s protracted A/B testing for this feature on Dev Channel and other Insider Preview builds. Thus, I couldn’t wait to see it go mainstream. It’s popping up on production desktops at Chez Tittel right now like mushrooms after the rain. (FWIW, we’ve had plenty of rain around here lately, too!)

If you look to the bottom of this screencap from the KB5003214 release notes header, check the first highlight. It proclaims “News and interests on the taskbar is now available to anyone who installs this update!” Need I say more? Surely, that’s worth jump-starting normal practices and installing a preview CU to see.

Build 19041/2/3.1023 Brings News & Interests Mainstream.proclamation

Jump to the bottom for the News and Interests proclamation.

You tell me: is this a compelling reason to jump the gun, or not? I can only say I found it compelling. You’ll have to decide for yourself whether or not you want to download and install KB5003214, or wait for next month’s Patch Tuesday CU and get it then instead.