An alert TenForums member reports seeing some “new” attributes show up in the help file for the attrib command. Next, numerous community members jump in to provide explanations and information. Bam, I learn about new OneDrive file attributes uncovered. Happily, I also get a glimpse into ReFS, too. (ReFS is the Resilient File System. Originally a planned general NTFS successor it’s now present only in current and future Windows Server and Windows 10 Pro for Workstation editions.) To round things out, here’s what help information for attrib now looks like:
The following table explores and explains OneDrive-related attributes.
Exploring New OneDrive File Attributes Uncovered
From here on, I focus only on attributes applicable to OneDrive. For ease of access and readability, I present these items in a table.
|New “attrib” file attribute IDs Explored & Explained|
|P||Pinned attribute||When pinned a file or folder is always available locally.||Managed OneDrive Files On Demand|
|U||Unpinned attribute||When unpinned a file or folder is available only online.||Managed OneDrive Files On Demand|
|(R)||Recall on access||When present, indicates a file should be recalled when data access is initiated||Social.technet.ms|
The OneDrive Attribute Story
Thanks to some program-based analysis using PowerShell to correlate attributes with OneDrive settings, here are the various OneDrive statuses that a file may assume. (All are mutually exclusive, so only one status is possible for a file at any time.)
1. Online only equals -P+U+R.
2. Locally available equals -P-U-R.
3. Always available equals +P-U-R.
NOTE: “R” isn’t a real attribute value from the attrib command. That value is only available programmatically and corresponds to the attribute formally named Recall_On_Data_Access. I use it here as shorthand only. That’s why it’s in parentheses in the table. A minus marks a turned-off attribute. A plus sign marks one that’s turned on. Thus, -P-U-R means all three attributes are turned off. You can take it from here…
Now you know!
In Windows-speak, an upgrade repair install refers to upgrading a Windows installation to the version that’s already running. This sounds like a waste of time, at first blush. But, consider that this replaces all OS files and device drivers, and rebuilds the registry from scratch. It also leaves user-installed applications in place along with all data files, settings, preferences and so forth. Thus it provides a squeaky-clean new version of the OS. This can be incredibly handy when trying to fix mysterious or difficult Windows problems. In the wake of a problem-plagued release for Insider Preview 17074.1000, MS let go of a new version yesterday. With tongue in cheek, I assert that this build 17074.1002 introduces involuntary upgrade repair install techniques. That’s because it starts completely over with a new version of Win10.
Installing this update took nearly 3 hours — and left a Windows.old behind!
WAG*: Why I Think 17074.1002 Introduces Involuntary Upgrade Repair Install
[Note; WAG = wild-a**ed-guess.] Users reported many problems with the initial release, 17074.1000. I think MS just wanted a complete do-over. The original announcement blog post, now kicks off like this:
UPDATE 1/18: Today we have released Windows 10 Insider Preview Build 17074.1002 to Windows Insiders in the Fast ring. This build is the same as the version of Build 17074 released last week with 2 additional fixes. We have fixed the issue causing AMD PCs to become unbootable – which means we have removed the block for AMD PCs we put in place last week. And we also fixed the issue causing certain devices to hang on the boot screen after upgrading if virtualization is enabled in the BIOS.
Outside the two items specifically mentioned — namely unbootable AMD PCs and post-install boot hangs when virtualization is enabled in BIOS/UEFI — others report inaccessible boot devices, issues with network access and activation problems, and more. There’s an emerging consensus that 17074.1000 is one trouble-wracked Insider Preview release, in fact.
My theory is that Microsoft recognized these (and perhaps even other) difficulties. They decided Insiders should start over with a fresh new Windows 10 Insider Preview version. They pushed 17074.1002 out. That’s my story, and I’ll stick to it until something more sensible comes along! I also wish they’d warned us more explicitly that what looks like a small update from 17074.1000 to 17074.1002 is really another full-blown major version upgrade. Sigh.
[Note Added 1/19 4 PM: A note from Woody Leonhard…]
Here’s a great quote on the recent patchpocalypse at Microsoft, straight from Woody at ComputerWorld
With (hundreds of?) thousands of PCs bricked by bad patches this month and (hundreds of?) millions of Windows customers bewildered by the avalanche of patches — we’ve seen bucketloads of patches on Jan. 3, 4, 8, 9, 11, 12, 17 and now Jan. 18 — you have to wonder when it will all straighten out. Best I can tell you is to turn off Automatic Update, and wait for some semblance of sanity to return.
Anybody who’s worked the Microsoft Deployment Toolkit (MDT) know that it’s all about the wizards. Lots of wizards (dozens, anyway), in fact. That’s what makes a new, free PowerShell script called MDT PS Wizard attractive. The MDT PS Wizard covers most of the MS deployment wizards under one umbrella. Yes, that’s right: it gathers the functionality of a majority of MDT wizards, including most of the popular ones, within a single GUI.
How MDT PS Wizard Covers MS Deployment Toolkit Wizards
This PS script basically grabs and organizes all of the MDT wizards under six different categories — namely:
You’ll see these categories at the left of the following screen cap, where the words above map to the left-hand-side icons below in the following screen capture:
The preceding category names map to the icons at center left in this PS-based GUI environment.
[Click image to see full-sized view.]
This effort is the work of Damien Van Robaeys, a Francophone developer and administrator who runs a peachy website called www.systanddeploy.com represented as “Syst & Deploy” as the site cognomen. You’ll find the offering nicely covered in a blog post from Damien entitled “MDT PS Wizard: All MDT Wizards in one.” It’s got a nice video that shows how the GUI looks and works, along with a detailed set of installation instructions. Great stuff!
Hint: to really see what his videos and illustrations depict, I’d recommend maximizing them to run full-screen. Otherwise, it’s a little taxing on the eyes to really see what’s going on. This is a great piece of work, and one that puts a prettier face on MDT than the default wizards have to offer. For those who spend appreciable amounts of time working in or with MDT, this is definitely worth checking out. The Details, Domain, Network, Applications, and Backup items are especially interesting. Other is something of a grab-bag that includes references to a WSUS server, logging, and product key information for use within the MDT environment.
In December, I found myself perplexed. I was unable to mount either of a pair of 4TB HGST hard disks on my production desktop. Over the weekend, I finally solved that problem, and learned to my chagrin that I’d shot myself in the foot. It turns out that these dual-drive docks I’d been using require a 12-volt 3A (3000 mA) power supply. As it happens, I’d mistakenly switched that higher-amperage brick with a 12-volt 2A (2000 mA) from a single-drive dock. Because the 4 TB drives draw more power than any of my other, smaller drives, they simply wouldn’t work when I connected a lower-power brick to any of my dual drive docks. Thus, as I entitled this post: operator error explains 4TB drive mystery!
When I bought a replacement unit at Fry’s this weekend, I realized I needed a higher-amperage brick. Doh!
Recognizing That Operator Error Explains 4TB Drive Mystery
I’d convinced myself that something was wrong with the motherboard on my production PC. Primarily, that’ s where I use my high-capacity drives for extra backups, storing VMs and virtual HDs, Windows and other big software downloads, and so forth. But nothing was wrong with that machine, the drives, or the docks I was using. The only error was in not noticing that the brick for the dual drive unit is about half an inch longer than the single-drive version. Turns out that while the voltage is the same (and allows the larger unit to light up and look like it’s working), the amperage difference matters a lot.
Bigger is better when it comes to running big drives! 3000 mA unit top, 2000 mA unit bottom.
It just goes to show yet again the dangers of acting quickly without really thinking about all the parts and pieces involved. Somewhere along the way, I assumed that the bricks would be interchangeable. I was wrong, and temporarily lost access to my 4TB drives until I figured things out. At least, because operator error explains 4TB drive mystery, with that mystery solved I can once again use my drives. And so it goes, here in Windowsland!
It’s a sometimes scary world for Windows PC caretakers. That goes double when patching involves BIOS or firmware updates. That’s been on for a week now, following the Specter and Meltdown vulnerabilities. First reported on January 2, related firmware updates have appeared since the day after that. Last night, I updated the BIOS on my Dell Venue Pro 11 7130. I also upgraded it to Win10 Build 17074.1000. Because both actions could reportedly “brick” a (hopefully small) number of PCs, I reviewed a classic list of Win10 PC brick-avoidance techniques. I’ll recite the most useful ones here, assuming that most readers will “cross their fingers and pray for success” without any urging from me! (Here’s a vocabulary note for those unfamiliar with the term. To “brick a PC” means to turn a working piece of circuitry into an inert and useless lump with the same abilities as a veritable brick.)
Flashing the BIOS always presents the possibility that the PC won’t boot up afterward. Taking proper precautions reduces that risk.
Listing Win10 PC Brick-Avoidance Techniques
1. Make a complete image backup/capture of your system before you start updating or upgrading anything.
Prudence dictates a good, reliable way to return whence you started whenever OS or firmware updates or upgrades are pending. A backup will not rescue you from all possible forms of harm, but it will help with many of them. Don’t start updating or upgrading without one!
2. Be sure to apply the proper update or upgrade.
Force-updating firmware or BIOS using the wrong software is the surest and fastest method to brick a PC. Make doubly-darned sure you’re attempting the update using software specifically for the OS or device involved. Version, bittedness, even human language support matters for Windows; precise rev levels for PCs, motherboards and other devices matter for hardware A LOT. The only PC I ever bricked happened misreading an ASUS mobo version label had me apply the wrong BIOS. Fortunately, that BIOS chip was socketed and replaced with a new, working one. I was lucky: few BIOS chips are socketed these days. Thus, that would involve replacing the entire motherboard nowadays (this happened in the late 1990s or early 2000s). It’s also a good idea to read about and fully understand BIOS update procedures. Some motherboards support dual-BIOSes, so if one gets corrupted or damaged, the other can take over. If such features are available on target PCs, learn how to use them!
3. Don’t be a pioneer unless you have no other choice.
By pioneer I mean somebody who goes first and blazes the trail to make the unknown at least more familiar if not well-known and -understood. That means you shouldn’t rush to apply such upgrades and updates as soon as they become available. Wait and watch what happens to other people as they attempt such things, and pay special attention to those people whose PCs are like (or preferably, the same) as yours. If they report problems, hang back until they follow up to report those problems have been solved.
4. Learn your “emergency boot-to-BIOS” sequence (if applicable).
Some mobile PCs support special button combinations, because this tip applies generally only to laptops and tablets. These forcibly boot them into BIOS, even when they won’t boot with a single power button click. Curiously, for both my Surface Pro 3 and Dell Venue Pro, that requires depressing both the UP volume button and the power button. I must hold both down until a boot logo appears. Then I let go of both buttons and it boots directly into BIOS. Other devices have different sequences to accomplish the same ends. Function keys, such as F12, are popular on many laptops. Check your user manuals (or technician’s manuals, if you can access them).
5. Work Closely with the Vendor or Manufacturer (firmware stuff)
Most BIOS and firmware updates should be obtained from the motherboard or device maker (for DIY systems) or from the system vendor (for desktops, laptops and tablets from system makers). They will have tested this stuff extensively, and won’t be inclined to release patches or updates until they know they work reasonably well. If you have any doubts, contact the maker and ask for advice and instructions. For big buyers of HP or Dell boxes (and others of that ilk), that means they won’t want to risk your ire by pushing you (and their support staff) into troubled waters.
6. Disconnect All Non-essential Devices [Added 1/13]
I’m not sure this matters for BIOS or firmware updates, but when installing or upgrading Windows it’s generally considering good practice to disconnect all peripheral and storage devices from the PC, including external USB stuff of all kinds. Some pundits even recommend disconnecting all internal storage devices, too, except for the target drive for the OS install and upgrade. Thus, for example, I can remember numerous upgrades or installs on my Surface Pro that wouldn’t complete successfully unless I removed the microSD flash card I usually keep installed to extend my storage space somewhat. There’s plenty of agreement in the Windows community that this kind of device simplification not only speed installation or upgrade, but also improves its chances of success.
Follow this list of Win10 PC brick-avoidance techniques, and you’ll avoid most of the things that brick PCs in the first place. Those with other good suggestions on this front to share, please comment. If I agree that your ideas warrant inclusion here, I’ll do just that. Thanks!
As I mentioned in a 1/5 blog post, major vulnerabilities for Intel and Amd processors emerged over the holidays. KB4056892 addresses them, at least in part. But running the Get-SpeculationControlSetting PowerShell script (available within the PS window for download) is disturbing. It shows that on most machines a firmware/BIOS update from the PC or motherboard vendor is also required to patch these vulnerabilities. Among the more details on KB4056892 Wintel vulnerabilities I provide here is unwelcome news that few such updates are available. In fact, many hardware vendors haven’t released such updates, particularly for older systems. Let me elaborate…
Here Are More Details on KB4056892 Wintel Vulnerabilities
Right now, my only fully-patched system is my Surface Pro 3. It is fully patched because MS released the firmware updates at the same time they let go of related Windows OS and application updates on 1/3. None of my other systems currently qualifies, even though the newest ones are only 12 to 24 months old. To illustrate a complete patch, output from the PowerShell script on the Surface Pro 3 is quite revealing, on a variety of topics:
PS Script output for fully-patched Surface Pro 3.
[Please click image for full-sized view.]
Here’s what this output tells me:
1. It shows the sequence of activities necessary to run the Get-SpeculationControlSetting script, which include obtaining and installing the NuGet package provider to handle its installation.
2. It names the two vulnerabilities involved: branch target injection (BTI), and kernel VA shadow (KVAS). It also identifies their IDs in Mitre’s Common Vulnerabilities and Exposures (CVE) database — namely CVE-2017-5715 and CVE-2017-5754, respectively.
3. It shows that for BTI, that both hardware and Windows OS support are present, thanks to KB4056892 and a same-day firmware update for the Surface Pro 3.
4. The Windows OS is patched for KVAS (2nd group of green lines).
What About Systems Missing HW Support for BTI?
Alas, the 7 remaining systems here at Chez Tittel all produce the same depressing (or scary) results. I show the PS script output for my production desktop, built in January 2016 from 2015 parts. It tells a different story:
PS Script output for partly-patched homebrew desktop with Asrock Extreme7+ mobo, i7-6700, etc.
[Please click image for full-sized view.]
As the red lines in that output indicate, a few things are missing. Here’s what it says, in a form parallel to the preceding screen capture:
1. Same sequence of activities to make Get-SpeculationControlSetting script work.
2. Same recitation of vulnerability info.
3. Alas, no hardware support for BTI means Windows OS support is disabled.
4. Indeed, KB4056892 addresses the KVAS vulnerability.
Hopefully, I don’t have to explain why I’m checking the Asrock, Dell and Lenovo sites daily for updates to affected systems’ firmware. If your PCs are in the same boat, you should probably be doing the same. I’ll be patching those systems as soon as updates appear, and you should do likewise for yours.
[Note Added 1/12/18 9 AM]
Last night, when I ran Dell Update on my Venue Pro 11, I found a BIOS update for that machine. In the meantime, I’ve not only updated my BIOS to version A22 (dated 1/2, released 1/10), I’ve also upgraded that machine to the latest Insider Preview (Build 17074.1000). Happily, despite a couple of scares, the BIOS update didn’t brick the Dell unit — as reported for other Dell PCs recently — and the OS upgrade installed successfully, too. A quick run of the Get-SpeculationControl PS script shows all-green status for both vulnerabilities now, too. One more Dell, two more Asrock mobo PCs, and two more Lenovo laptops to go! Stay tuned…
[NOTE Added 1/16/18 9:40 AM]
Aryeh Goretsky of ESET created, and is maintaining, a database of all vendors with Meltdown/Spectre responses on the record. There are currently 210 entries in this list (which includes links to their info and responses) as I write this note. This is absolutely, positively the BEST and MOST COMPREHENSIVE coverage of the vendor responses that I’ve found or seen so far. Check it out: “Meltdown and Spectre CPU Vulnerabilities: What You Need to Know.” I’m blown away by the time and effort that went into putting this together…]
[NOTE Added 1/17/18 9 AM]
ComputerWorld Editor extraordinaire Val Potter touts Steve Gibson’s utility named InSpectre (get it?) that puts an approachable face on the Get-SpeculationControlSettings PS script. If you want your users (or friends, family, and other hangers-on) to do their own Spectre/Meltdown checks, this little tool will make it much easier for them to run the check and to interpret the results. To wit:
Behind the scenes, Windows runs all kinds of background tasks to keep things working smoothly — in theory, at least. However, users on TenForums.com report that thumbnails keep disappearing. Because thumbnails provide visual cues to the contents of photographs and images, users depend on them to identify and work with photos and graphics. Alas, deleting thumbnails means they must be rebuilt. No big deal for those with hundreds to thousands of images. But a big problem, for those with tens of thousands or more. In fact, users with large photo or image collections report that thumbnails get deleted before the thumbnail cache can be completely rebuilt. Unfortunately, this stymies their use completely, too. Luckily, a simple reghack fixes unwanted Win10 thumbnail deletions quickly and easily.
A RegHack Fixes Unwanted Win10 Thumbnail Deletions. How so?
As it happens, the Automatic Maintenance task is the culprit. Apparently, it includes instructions to empty the Thumbnail Cache each time it runs. Because that task runs daily by default, it’s clobbering thumbnail cache contents daily as well. You can check your settings at Control Panel → All Control Panel Items → Security and Maintenance →Automatic Maintenance. Alternatively, type “maint” into the Cortana search box and a link labeled “Change Automatic Maintenance Settings” should pop up automatically.
This screen cap shows the default settings for Automatic Maintenance.
Fortunately, you can disable thumbnail cache deletion with a single registry hack (aka RegHack). Details in the section that follows.
Thanks to some excellent sleuthing work from TenForums user ylm, we now know that the “SilentCleanup” task is our culprit. It appears within Windows Task Scheduler as Microsoft → Windows → DiskCleanup. Here’s how to disable thumbnail deletion in this task:
1. Launch Regedit.exe
2. Browse to HKLM\Software\Microsoft\Windows\
3. Set the Autoruns DWORD to 0 (zero)
4. Reboot the PC
Once enacted, this change stops Automatic Maintenance from deleting the thumbnail cache. Problem solved. For those with big photo or image collections, this can remove a major cause for irritation. Ditto for IT pros who manage PCs for people who work with photos or images on the job! If you fall into either category, this reghack is worth trying out.
Over the holidays, news emerged about a horrible flaw in x86 processors. Alas, it affects Intel and AMD hardware alike. This is hardware level stuff that will change layouts for future processors, because it exposes PCs to deep security vulnerabilities. In the meantime, users must accept performance hits on Intel processors from 5 to 30 percent! See this story at The Register for more details on what’s being called the “kernel memory leaking” Intel processor design flaw. Upgrade all Win10 PCs under your control to Build 16299.192 or higher ASAP.
You want Winver to report 16299.192 or a higher-numbered version to make sure the fix is installed.
Install Now: KB4056892 Fixes Critical Win10 Security Bugs!!
By default, Windows Update should happily install the afore-named update. Or, you can grab it from the Microsoft Update Catalog, and install it manually. Companies and organizations should rush it into compatibility testing ASAP. The same urgency applies to its deployment, too. This one is worth jumping the usual queue to accommodate, as admonitions from many security experts and recent calls to action will demonstrate.
Ultimately, PC vendors will also have to publish firmware updates to help address this issue. In fact, MS has already published firmware updates for its Surface family of products. Other motherboard and system vendors should soon follow suit. Be sure to check related websites for those updates, too!
On Another Subject Altogether…
I was surprised and pleased to have received an email from Microsoft on January 2, informing me that I’ve been chosen as a Windows Insider MVP for 2018. That means I’ll get more exposure to information about Windows 10 and related products and platforms directly from the source. Hopefully, I’ll be able to share some of that news with my readers and add to the flow of news and info on this blog and elsewhere. I’m still figuring out what all this means, but I’ll happily share what I can with all of you going forward.
[Shout out to Shawn Brink at TenForums.com whose 1/3 “Kernel memory leaking Intel processor design flaw” Windows 10 News post alerted me to this issue. Thanks!]
This is my last post for 2017, so it’s apt to reflect on the reigning desktop OS this year. We’ve worked our way through two Creators updates (Versions 1703 and 1709), each of which brought changes. Some of the big improvements have included mixed reality, OneDrive files on demand, and fluent design. It’s been strange to see PowerShell supplant Cmd.exe on the Winkey-X menu. (However, it’s easy enough to reverse this change in the Settings menus.) All in all, it’s been a big year for changes. In my own opinion, most of those changes have been for the better. But Windows 10 for 2017 has also seen its share of controversy and slams.
Plusses and Minuses Aplenty in Windows 10 for 2017
I follows the user forums at TenForums.com reasonably closely. I have probably read more than five thousand threads over the past year. People have found plenty of reasons to like Win10, but also many reasons to dislike or denigrate Microsoft’s current desktop OS. On the whole, I think that the plusses probably outweigh the minuses. The inescapable reality, however, is that for good or ill Windows 10 is the desktop OS that the vast majority of users must work with day-in and day-out.
Lord knows, I’ve had my share of mystery issues and frustrating gotchas with Win10 in 2017. But the OS keeps working, and I remain able to get my work done, obstacles and impediments notwithstanding. To those who get seriously worked up about such things I say: “My sympathies. Let’s find a workaround, or some kind of solution.” Yes, Win10 can be difficult and frustrating. But with relatively new capabilities like the in-place upgrade install (which replaces a hinky or questionable OS but leaves files and applications alone), there isn’t much that such a fix can’t address on most Windows PCs.
What to Make of Changes, Problems, and More
There’s still a lot to learn, and a lot to like, about Windows 10 for workday and personal use. Thus, as 2017 draws to a close, I’ll quote the memorable words of my old friend and CAD engineer George Osborne who would always say goodbye on Fridays with the same words. “I’ll see you here next Monday, unless a better offer comes along!” In this case, swap 2018 for next Monday because I’m pretty sure that Windows 10 will still be the market leading desktop OS once the New Year has rung in.
In the meantime, have a happy New Year, and enjoy the last few days of this one. I’ll be tackling problems and issues, reporting on new tools and technologies, and in general chasing down Windows 10 news once again on January 5, when we return from our family vacation.
Huh! I learned something interesting yesterday, thanks to some nice sleuthing work from my frequent Win10 collaborator, Kari Finn. We’d been chatting earlier in the week, and he’d asked me to open an ISO file to examine its contents. When I right-clicked on it, the “Mount” entry in the context menu had gone missing. Then when I double-clicked the file, and 7-Zip opened, we both knew that I’d allowed that program to over-ride the default file association when it had been installed last year. Undoing 7Zip ISO association forced me to dig into the new UWP way of doing things in Win10, so I thought I’d share that here for the benefit of other old-timers like me who might not have done it that way just yet themselves.
Undoing 7Zip ISO Association: Here’s How…
Basically, there are two ways to do this. The first one simply relies on using the Open with… element from the context menu in File Explorer. Launch this by right-clicking any ISO file, and then something like this window will pop up:
If you click the checkbox in this window, you’ll change the file association, too.
The second way to make this change is a bit more convoluted. Nevertheless, I wanted to learn how to do it the UWP way in Windows 10. This takes you through a four-item sequence of selections. Settings → Apps → Default Apps → Set defaults by app → Windows Disc Image Burner (!). Finally, you’ll see associations for the .img and .iso (Disc Image File) file types. This is where you can make sure that, as shown, Windows Explorer appears as the default (I manually switched it from 7Zip, in my case).
I prefer the preceding method, because it involves half the clicks.
And now, much to my relief, when I double-click on an .iso file in File Explorer, it simply mounts the file and opens a virtual drive to display its contents. Sweet!