I guess it figures. No sooner do I post a blog questioning the10 stability of Windows 10’s Current Branch does Windows guru Woody Leonhard declare that the OS is ready for prime time. In fact, the title of his 10/28 InfoWorld story reads Windows 10 Anniversary Update: Finally ready for prime time. Let me explain the reasoning why Woody Leonhard blesses KB3197954, then add some commentary.
How Come Woody Leonhard Blesses KB3197954?
Woody’s stance on the current state of Windows 10 AU is nicely summarized in the first paragraphs of his story. I reproduce them verbatim:
It took nine cumulative updates and more than 12 weeks, but the latest version of the Windows 10 Anniversary Update seems good to go. I’ve converted my production Win10 Fall Update (version 1511) systems to 1607 and recommend you do the same. For those of you who used the wushowhide trick to block the upgrade to 1607, now’s a good time to go back and “unhide” the update.
Why the optimism? Microsoft has finally fixed most (although not all) of the myriad problems that appeared in the original Aug. 2 release.
Sure, Woody gives the Devil his due and gracefully concedes that most but not all of the reported problems with Win10 AU are fixed. But he now asserts that it’s safe enough for him to upgrade his machines. That probably means they’re safe enough for you, too.
A Safer, Sounder Upgrade Strategy
If your Win10 PCs don’t fall prey to potential problems the upgrade should go swimmingly. But these problems include black screens, OS freezes, and Windows update issues. They also encompass driver difficulties with USB, graphics, touch pads or mice and keyboards, and so forth. FWIW, of the 8 machines I babysit regularly, I’ve had intermittent trouble on exactly two of them. One of those is a test machine running the Insider Preview (which is deliberately asking for trouble). The other is an older machine with borderline hardware compatibility issues (another invitation to trouble).
I do think there remains some potential for encountering trouble during the upgrade (such as failing to complete successfully), or afterward (such as freezing, performance issues, or device/driver problems). Even so, I’m inclined to agree with Woody’s assessment. But then, I’m not afraid to roll up my sleeves and start troubleshooting when things get wonky.
Here’s a tip for those in doubt of successful outcomes who are inclined to give it a try anyway. Make an image backup and a recovery disk before you start the upgrade. If things don’t finish or you hit vexing snags after the upgrade, boot to the recovery disk. Then, you can roll back to the pre-upgrade image with ease. Using Windows Backup on a typical PC takes up to half an hour; 15 minutes for Acronis True Image 2017, or 3-5 minutes for Macrium Reflect. While most upgrades should go swimmingly, you’ll have a viable (and not too time-intensive) fallback strategy to get your PCs working again if they don’t.
Three Windows 10 release branches unfolded since the OS made its debut in July, 2015. Recent events and issues have me pondering this proposition: “Current Branch or Extended Beta?” Let me explain, first with some history, then with some recent observations.
First the history part. At present, there are three primary branches in the “servicing options” tree:
- the most current branch, aka Current Branch (CB) now on version 1607
- the Current Branch for Business (CBB) now on version 1511 (November 2015)
- the Long-Term Servicing Branch (LTSB), still on version 1507 (RTM)
End-users/consumers follow the CB, where they suffer the slings and arrows of current/bleeding-edge release issues. Business users follow the CBB, and are somewhat insulated from those projectile weapons. The LTSB aims at situations where stability is the end-all and be-all. This means kiosks, factory floor systems, nuclear power plants, and the like. In short, LTSB is for places where “If it ain’t broke, don’t fix it” rules supreme. It’s also where a corollary has emerged “If it ain’t broke, don’t update it, either.”
Whence That Proposition: Current Branch or Extended Beta?
Lately in the wake of the Anniversary Update on August 2, 2016, I’ve observed lots of CB users complaining about Windows 10 1607 and its follow on cumulative updates (9 of them, starting on August 2). I’ve also spent two-plus hours every day for the past 5 weeks helping out on line at TenForums.com. There, I’ve seen numerous users wax wroth and eloquent on these and other issues:
- Difficulties installing AU and subsequent Cumulative Updates
- Related issues with Windows Update problems and failures
- Profound and vexing issues with Windows 10 freezing up and becoming nonresponsive
- Booting to a black screen instead of a desktop
- Serious driver issues with audio, printing, and video
I’ve also seen personal reports from dozens upon dozens of TenForums members and visitors claiming they they’re rolling back. That is, they’re reverting to Windows 7 (mostly), Windows 8 or 8.1 (only a few), or earlier versions of Windows 10 (the remainder). They’re doing do because problems that prove too intractable or time-consuming to fix on the Current Branch simply don’t exist on earlier versions.
Hence the Proposition…
It all has me wondering if MS might not be assuming that because such business as has upgraded to Windows 10 is hanging back on the CBB, it’s OK to use the end-users and consumers on the Current Branch as guinea pigs. That is why I think “Current Branch or Extended Beta” could explain a lot of what I’ve been seeing and hearing recently. Perhaps this is too cynical, and MS really seeks a stable leading edge OS environment. But it’s indisputable that they have averaged three cumulative updates per month since August. It’s also indisputable that some of these updates have included hurry-up fixes to issues introduced by their predecessors.
My fervent resulting wish is for MS to slow down the pace of releases, and spend more time compatibility testing them. We’ve got a new Preview level that anticipates the Current Branch (I’m running it on my Surface Pro 3, in fact). Why not spend more time unkinking updates there before dropping releases into the Current Branch itself? This lowers the troubleshooting burden for non-professionals in the end-user and consumer communities. It might also repair some of the damage to Win10’s reputation that Microsoft has foisted it upon itself recently. Hello? I only hope somebody at MS is listening…
There’s been a persistent problem with recent Windows 10 releases in the Current (1607, into build 143xx) and Insider (into build 149xx) source trees. After installing an upgrade, elements of Windows.old resist removal, even with Disk Cleanup. Upon further inspection — as documented in this 10/15/2015 post — special maneuvers are needed. That means a boot to an alternate OS image and manual deletion at the command line. For some reason, the upgraded Windows environment runs drivers from Windows.old. Fortunately, there’s a cleaner for that. The Windows.old Cleanup Tool available at CNet’s Download.com makes booting into an alternate runtime unnecessary.
Compact and trivial to use, Delete Windows.old does the job.
What About the Windows.old Cleanup Tool?
According to CNet, a small software development company called Snailsuite built this tool. However, I can’t find much information about them. That said, details from the properties file for the “delete windows.old.exe” provide some context. They say the language is Chinese, and product name and copyright fields include Chinese glyphs.
Reassuringly, VirusTotal gives the file a clean bill of health (with a detection ratio of 0/56, the best outcome possible). That’s why I’m not worried about grabbing and using this tool. It’s simple, straightforward, and does the job. What more could one ask of a one-trick pony utility? It does take a long time to complete a full-blown cleanup, though, so I’d leave it for situations where normal cleanup techniques don’t result in a total scrubdown. As they say on the Internet, YMMV (your mileage may vary)!
Microsoft’s handling of updates has changed since the days of Windows 7. In that OS, users were presented with a slate of pending updates. Checkboxes next to each item let them select which ones they wanted, and which ones they didn’t. In Windows 8 and 10 versions that is no longer possible using Windows Update. The new philosophy might be expressed as “all or nothing.” Fortunately, a pair of Windows Update alternatives helps savvy power users regain their power of choice.
Windows Update Alternatives #1: WUMT
WUMT stands for Windows Update MiniTool. It’s the work of anonymous developer “Mr. X” based in Mexico, who posted this tool in the Wilders Security Forums in 2013. I grabbed my copy from MajorGeeks. (They do a good job of tracking the most current releases of this tool; dated 9/30/2016). Here’s what it looks like:
Notice the checkbox next to the lone item: lets you decide whether or not to download.
Unfortunately, I didn’t take a screen cap on October 7, when the last batch of updates rolled out. Thus, no real Windows Update items are showing (all you see is a Logitech driver). But the presence of the checkbox to its left is what counts: this is how you select individual items (or not). A Hide control (the big letter H near the right side of the control bar below Update history) lets you hide updates you don’t want.
WUMT offers three bonuses over standard Windows Update, IMO:
- It usually does the job faster than the built-in utility.
- It scans and offers new device drivers for the PC on which it’s running.
- It can access Microsoft Update, Windows Update and the Windows Store for updates.
The tool is good at recognizing drivers in need of updating. I’d rank it even with my previous favorite, Driver Update from Slimware Utilities, and ahead of my previous favorite, DriverAgent from eSupport.com. Because it’s free (no annual subscription fee) I’m pleased to give it two thumbs up.
Windows Update Alternatives #2: WSUS Offline Update
WSUS Offline Update lets users request an update download for Windows or Office updates. They can fire it off at any time without maintaining ongoing Internet access. Thus, this tool is something of a “batch job” for grabbing updates. I found it through an article from the How-to Geek entitled “How to Fix Windows Update When It Gets Stuck.”
Using the tool is simple. Identify the version of Windows you want updates for, select among some options, designate a target location for updates, and fire it off with the Start button. It is, however, limited to grabbing only Critical items. Unlike WUMT, this tool is not a complete replacement for Windows Update. You still need to access that service for non-critical updates. It doesn’t do drivers, either. But it is easy to use, compact, and makes updates locally available in a variety of usable forms (it even builds ISO images for mounting and reuse).
Identify the target OS, choose some options, and you’re ready to rock’n’roll.
Given these alternatives, admins and power users can easily avoid Windows Update when trouble rears its ugly head. Based on recent issues with WU, it’s probably a good idea to grab one or both of these tools soon.
As part of its latest earnings report, MS reported on October 20 that for Q1 F72017 (Jul-Sep, 2016) there were 47 million active Xbox Live users. This number interests me, because it suggests how many of those that MS reports as active Windows 10 users fall under the Xbox umbrella. It’s been just over a year since the Xbox started running Windows 10 instead of its own proprietary OS. Ever since, MS has been included those devices in its count of overall Windows 10 active users. Of course, this makes factoring out Xbox interesting. The company is still reporting the 400 million number, as follows:
On this ‘By the Numbers‘ page, MS is still reporting the global device count at 400M.
After Factoring Out Xbox, What’s Left?
Of course, now we know we should discount the total figure by somewhere around 50 million or so when factoring non-PC devices out. Windows phones still account for something, but by no means as much as the Xbox count. But that puts the numbers of PCs running Windows 10 somewhere in the 350M neighborhood. Assume for a moment that NetMarketShare’s latest numbers accurately reflect global PC counts. Then, with Windows 10 at 22.53% at present, that puts Windows 7 users at 750 million devices or so. It also puts PCs running Windows 8, 8.1 and XP at about another 290 million. Other versions of Windows (Vista, and NT) account for another 20 million give or take.
The grand total for Windows PCs of all stripes would therefore fall around 1.41 billion all told. With the total number of PCs globally estimated to be over 2 billion by this year, MS comes up considerably lower than the active count from NetMarketShare at 70% in round numbers. NetMarketShare’s analytics put that value at 90.85%.
I can’t help but think that NetMarketShare is missing some significant portion of global traffic and thus also underestimating the total number of PC users world wide. If they’re undercounting PCs, might they not be overcounting Microsoft’s share as well? It’s hard to say conclusively, but easy to wonder about out loud…
Paul Thurrott reports this morning that the Windows 10 Anniversary Update (AU) is now running on a sizable majority for active users of the latest flagship version. In fact, Win10 AU zooms into majority status with 77 percent of all Windows 10-based PCs having upgraded. The progression of numbers has been dramatic since its release on August 2. Some 16.2 percent upgraded by late August, with 35.5 percent by the end of September, and 77 percent right now.
The stretched out uptake comes in part because MS did not roll out the AU to all users through Windows update immediately. Thurrott speculates, in fact, that MS deliberately slowed the pace to provide time to diagnose and fix various problems it manifested. But with uptake now over three-quarters of active users on the Current Branch, he goes on to speculate further that:
- the AU will be “fully deployed by the end of November”
- “the problems are finally behind us,” meaning that webcam, OS hangs and freezes, and other issues are now mostly fixed
Win10 AU Zooms Into Majority Status Does NOT Mean “Mostly Fixed”
I’ve been hanging out on TenForums quite a bit for the past month, trying to gauge the current state of the Anniversary Update. Unlike Thurrott, I am not yet convinced that the undeniable issues with this release are “mostly fixed.” Indeed, an unusual number of cumulative updates show since the AU appeared. From the MS Support listing for Updates for Windows 10 Version 1607 , there are 8 such updates:
Users at TenForums report issues installing many of these (and other) Windows 10 updates. Sometimes, manual downloads from the Update Catalog overcome Windows Update service ills. Sometimes, they don’t. And sometimes, Windows Update itself goes wonky. Numerous users report problems getting Windows Update to work normally after install problems occur. Lately, the issue with Windows freezes has declined in frequency. But numerous users still report freezes, and are being forced to roll back to the 1511 version to restore their PCs to working order.
The number and frequency of cumulative updates also indicates — IMO — that issues keep popping up. The traffic on TenForums makes this assertion more credible, too. There’s been a raft of rants, complaints, and grumbling that matches or exceeds anything I’ve seen since Windows 8 appeared. That’s not something that MS wants!
In the hit 90s animated TV show Hey Arnold!, Arnold’s neighbor Mr. Hyunh becomes an unlikely country star with his song “Simple Things.” He sang about the simple things he likes about life — rain, spring, spicy chicken wings – but he might as well have written the tune about Windows desktop security.
Windows administrators may stay up at night worrying about complex attacks hackers are concocting, but what they really need to focus on is the basics. Sophisticated attacks exist, but attackers could also just steal passwords.
Something as simple as bad passwords can be a gateway to infiltrate Windows. That’s why IT should set length and complexity standards, and require users to change passwords periodically. They should also consider multi-factor authentication such as Windows Hello in Windows 10. This biometric authentication tool allows users to log in by scanning their fingerprints, irises or face.
Admins also must prevent users from accessing unapproved information and limit what they can do with certain data. The Windows 10 Anniversary Update helps IT do just that with Windows Information Protection (WIP), formerly known as Enterprise Data Protection. WIP uses what Microsoft calls enlightened apps to differentiate between personal and business data in Windows 10. Admins can also choose which applications can access what data and prevent users from performing tasks such as copying and pasting business data into unapproved apps.
It is also important to make sure security patches and antivirus software are up to date on every device, as well as encrypt all devices in the organization. Otherwise, if a user loses a device or it gets stolen, it’s easy for someone to access company data because the device password is the only line of defense. Finally, IT should invest in a Windows logging or monitoring tool to see which users might be opening up vulnerabilities.
Any Windows admins losing sleep over security should use Mr. Hyunh’s crooning as a lullaby and remember that it’s the seemingly trivial — summer breeze, 16 cans of peas and a two-speed window fan — that make him happy. It’s the little things that are most likely to come back and haunt Windows security, too.
For a long time, one beef among experienced Windows users has been the company’s insistence on using Internet Explorer for grabbing updates. But starting in mid-October, 2016, MS opens its Update Catalog to non-IE browsers. But there’s a catch. Those who visit the catalog using another browser still see this message if they visit https://catalog.update.microsoft.com/:
If you use Google to navigate to the Update Catalog in Chrome, you still see this.
But if you know where to surf, you can see and access the Update Catalog quite nicely. This works for those using Chrome, Edge, or another non-IE browser of your choosing. The new, browser-friendly URL is http://www.catalog.update.microsoft.com/. Here’s what Chrome showed me just now, using that URL instead of the preceding one:
Insert a www in front of the old base URL, drop the “s” in https, and Chrome shows this.
Why MS Opens Its Update Catalog to Non-IE Browsers Matters
This may seem like a non-issue to some readers. But in some corporate environments, policy dictates use of specific browsers, and only those browsers. If IE wasn’t on that list, admins were unable to access the Update Catalog without somehow circumventing that policy. Now, the new URL works with all the modern browsers I tried (Chrome, Edge, Firefox, and Opera). Thus, I’m assuming the doors are also open to other browsers outside this short list of leading choices among the hundreds of browsers available for Windows today. Certain recent issues with installing Cumulative Updates can necessitate manual downloads of items that don’t or won’t install automatically. That’s what makes this new open-door Catalog a good thing.
Anybody looking for a deeper explanation for why this change occurred need only look at this message that appears in Edge. It pops up when you try to open the old URL for the Update Catalog:
It would hardly do for MS’s new flagship browser to describe the current Update Catalog as “vintage web tech” eh?
Obviously, if MS wants to hitch its wagon to Edge going forward, it should handle the Update Catalog directly. I’m just glad the company decided to let other browsers into the catalog as well. They could just as easily have restricted it only to Edge and IE, and left all the others out in the cold. I hope it speaks to the new sense of open-ness and Open Source support that’s manifesting at Microsoft that they let the other browsers in through the same door that opened for Edge. When MS opens its update catalog to non-IE browsers, everybody wins!
Yesterday was Patch Tuesday, and included another Cumulative Update: KB3194798. This one included a bit of a surprise. Cleanmgr.exe offered to cleanup 3.99 TB from my 500 GB C: drive. It’s best appreciated from this screen cap:
That’s not something you see often on a 500GB drive!
How Can You Cleanup 3.99 TB from a 500GB Drive?
As it happens, Windows Update files reside in the Windows Component Store (aka the WinSxS folder) along with OS components. Though these files are reported elsewhere in the disk structure, too, they really reside in WinSxS, and are linked to other folders. Thus, for example Notepad.exe really resides in WinSxS, but shows up in C:\Windows in the “Location” field on the General properties tab in File Explorer.
Here’s what the Windows IT Center article “Determine the Actual Size of the WinSxS Folder” says about file size reports:
For operating system files, it can appear that more than one copy of the same version of a file is stored in more than one place on the operating system, but there’s usually only one real copy of the file. The rest of the copies are just “projected” by hard linking from the component store. A hard link is a file system object that lets two files refer to the same location on disk. Some tools, such as the File Explorer, determine the size of directories without taking into account that the contained files might be hard linked. This might lead you to think that the WinSxS folder takes up more disk space than it really does.
This set of update files must be hard-linked all over the place. That explains why their reported size vastly exceeds the 1.3 GB of actual disk space that they occupy. The number was good for a chuckle, however. It also provided an opportunity for me to learn something useful and interesting about the WinSxS folder. There’s more going on than you might think when it’s time to cleanup 3.99 TB of update files.
One More Thing…
This particular cleanup takes a looooong time to complete, so be patient. It averaged between 15 and 20 minutes on my Windows 10 PCs. After it’s done, you’ll want to restart your PC. Then brace yourself, because cleanups will continue for another 15 minutes or more before the machine shuts down and restarts. Apparently, there’s a LOT of cleanup involved here!
[Note: thanks to TenForums user Bree whose forum comment brought the cited TechNet article, and its WinSxS explanation, to my attention.]
Normally, I don’t write much on Insider Preview releases for Windows 10 here. But the latest build, 14942, includes a small but significant and noteworthy change. It appears as a single line of data in the Registry Editor, aka regedit.exe. In that single line RegEdit gets address bar capabilities. There, it displays a string for whatever key is selected.
The address bar reads “Computer\HKEY_CURRENT_USER\Control Panel\Cursors”
Why RegEdit Gets Address Bar Matters
Since time immemorial, extracting key strings from the Registry required multiple steps. They are: high-lighting a key, right-clicking an entry of interest, and selecting Copy Key Name from a pop-up menu. In stark contrast, the new approach is simpler. Simply highlight the current value in the address bar, and click Ctrl-C. Once in the paste buffer, paste that string as needed. Little, well-thought-out conveniences like this improve Windows 10 usability. Because they must often use registry keys in scripts and such, this change is especially helpful for admins and power users,
Ordinary users can’t do this until the next major Windows 10 build comes along. Right now, that upcoming release is code-named Redstone 2. Best guesses suggest it will probably debut in Spring 2017 (see this Windows Central story). This next Win10 milestone should focus on “productivity improvements for the desktop” along with “much-needed features and enhancements” for Windows 10 Mobile, from that same source.
My primary source for this information comes from Rafael Rivera at Thurrott.com. His 10/7/2016 story “Windows 10 Registry Editor Gets Very Welcome Address Bar” inspired this blog post. Thanks a bunch, Rafael! He uses phrases like “awesome” and “super-excited” in describing this addition. I’m not sure it’s worth that much exuberance, but it is a nice change.