Category Archives: Recent Activity

Insider stuff, Recent Activity, Security, WED Blog, Windows 11

Windows 11 Smart App Control

June 30, 2025 Ed Tittel Leave a comment

I’m always learning something new or surprising about Windows. In this case, I’m talking about Windows 11 since 22H2 came along in September 2022. That’s nearly 3 years ago, so to discover something mostly missing in new-ish (and brand-new) eval PCs from OEMs such as Lenovo, dynabook, and Panasonic is my surprise of the day. I’m talking about a feature in Windows Security — namely Windows 11 Smart App Control — about which I’ve been mostly oblivious until today.

This morning, I re-read a piece from Paul Thurrot from last Thursday (June 26) entitled You Use Windows. Be Resilient (it’s Premium content, so you’ll need to sign up for a membership to read this: sorry). Under the heading of app protection, it off-handedly mentioned Smart App Control as follows:

Windows 11 has a feature called Smart App Control that’s in a weird state of flux and may or may not be configurable on your PC. Open Windows Security and navigate to App & browser control > Smart App Control, and see whether you can enable it. If you can, do so.

“Hmmm” I thought to myself, I don’t recognize this. “I’ll go look.” On the vast majority of new machines (all issued in 2023 or later) I found that — as you can see in the lead-in graphic– Smart App Control was turned off. And right below that status: a can of interesting worms. Gotcha!

A Gotcha in Windows 11 Smart App Control

That can of worms is, of course, the explanation beneath the “Off” toggle that reads “If Smart App Control is off it can’t be turned on without reinstalling Windows.” Really?!?!

That’s right. Apparently, enough people have noticed this distressing detail that MS has put together a FAQ around this very topic. It’s the one that’s accessible from the link at the bottom of the lead graphic that says Learn more about why Smart App Control is off.

TLDR: Smart App Control hooks into the OS at a deep enough level that if it’s not there when the OS gets laid down, a new, clean install is necessary to put it there from inception to make sure it works like it should. In other words, if your install of Windows 11 predates 22H2 — as so many of mine do — or the OEM doesn’t enable this feature as part of their initial Windows 11 image install — you can’t have it without an OS do-over.

What’s in My Field of (New/ish) View?

With this item in mind I examined all of my newest PCs, only to find that just one of them supports Smart App Control (SAC), albeit in “Eval mode.” Here’s what that looks like:

Of all my relatively new PCs only the dynabook X40M2 supports SAC (in evaluation mode).

Here’s a list of those PCs, for the record:

The preceding graphic shows I’ve got it in “Evaluation” mode on the dynabook X40M2 laptop I received earlier this month.
It’s turned off on the Lenovo ThinkPad T14s (original Windows 11 install date November 2024)
It’s turned off on the Lenovo ThinkStation P3 Ultra (original Windows 11 install date November 2023)

I just got an eval from Lenovo for its new Copilot+ capable AIO (Model Lenovo Yoga AIO 9i last Friday. I haven’t unboxed it yet, so I can’ t yet say if it has it turned off or not. I’ll report back later.

Small Sample Size Warning & Wondering

The sample size is ludicrously small (3 machines so far, with a fourth on the way later this week). But it’s now a bit clearer to me why I haven’t run into Smart App Control before. It’s just not that widely dispersed in the field yet. And I bet a lot of other long-time Windows Pros like me don’t know they can’t have it on older PCs unless they bring it in via a clean Windows 11 install.

Very interesting! Let’s just hope the dynabook survives Evaluation mode with Smart App Control intact, so I can learn more about how it works, and what it really does. And isn’t that just the way things often work, here in Windows-World? You betcha!

Insider stuff, Recent Activity, WED Blog, Windows 10, Windows Update

Undoing Enterprise Version WU Defaults

June 26, 2025 Ed Tittel Leave a comment

This morning, I read a fascinating story from Mayank Parmar at WindowsLatest. It covers the one-year grant that MS plans to offer Windows 10 users to participate in the Extended Security Update (ESU) program at no charge. Given that around half of all Windows users still run version 10, that makes sense to me. But there’s a catch: apparently this offer extends to neither Enterprise nor Education versions of Windows 10. But first, that meant undoing Enterprise version WU defaults to figure this out. Let me explain…

Why Bother Undoing Enterprise Version WU Defaults?

I couldn’t opt into the “Get the latest updates…” option in WU unless and until I used gpedit.msc to explicitly disable a Group Policy setting. But I didn’t find it on my PC where MS Learn said it should reside, instead it was an additional level down, to wit:

Computer Configuration>Administrative Templates>Windows Components>Windows Update>Windows Update for Business

On Windows Home and Pro PCs (and probably Workstation as well) the hierarchy doesn’t automatically include WU for Business. On Education and Enterprise versions it does.

Long story short, I couldn’t see “Get ready for Windows 11…” or “Get the latest updates…” until I had explicitly disabled the policy named “Select the target Feature Update version.” As I think about it, that makes sense. MS is NOT giving ESU away to government, education and businesses; the grant only goes to SOHO and individual users. The others can — and many will — pay for their coverage plans. You don’t see the enroll info that Parmar shows in his story on my PC — and that’s because it’s running Enterprise.

And apparently, those running Enterprise and Education versions will not get the free ESU offer. I’m going to stand up a Pro version VM to double-check this, but I’m betting that’s right.

And boy howdy, isn’t that just the way things go in Windows-World. There’s always a wrinkle, and sometimes you have to dig and think, and think and dig to figure out how to understand and deal with things.

Cool Tools, Insider stuff, Recent Activity, Thoughts & concerns, WED Blog

WinTerm Windows 10/11 Divergence

June 25, 2025 Ed Tittel Leave a comment

Here’s something interesting — and purely temporary. My Windows 11 PCs and VMs are getting updates to Windows Terminal, but my Windows 10 PCs aren’t (yet). As you can see in the lead-in screencap that means there’s some WinTerm Windows 10/11 divergence currently happening. To the left, Windows 11 shows version 1.22.11751.0; to the right, Windows 10 shows 1.22.11141.0. An upgrade attempt on WinTerm for 10 says “No newer packages are available from the configured source” (which happens to be WinGet itself). What’s up?

Why There’s WinTerm Windows 10/11 Divergence

Simply put. MS is pushing the Windows Terminal upgrade to 11 before it gets around to doing likewise for Windows 10. It could happen in the next hour, day, or week. But it surely won’t take much longer than that.

Here’s what Copilot says:

The version difference you’re seeing—v1.22.1141.0 on Windows 10 versus v1.22.11751.0 on Windows 11—likely comes down to staggered rollout timing and platform-specific servicing.

Microsoft often releases Windows Terminal updates in waves, and while both versions fall under the 1.22 stable branch, the build numbers reflect incremental servicing updates. These can include bug fixes, compatibility tweaks, or minor enhancements tailored to each OS version. For instance, Windows 11 might receive a slightly newer build first due to broader feature support or integration testing, while Windows 10 gets a more conservative rollout.

It’s nice to get a decent explanation, and it helps me appreciate one thing that Copilot really is good at: summarizing and stating the MS party line on what’s going on when interesting things happen.

Eye of the Beholder

Of course, I recognize that what’s interesting to me is not interesting to everyone. Perhaps it’s not even interesting to that many others. But hey, it’s definitely a feature of the way things happen in Wndows-World. And if you read this blog, you already know I care a fair amount about that kind of stuff. Hopefully, you feel likewise — or what else would lead you here?

Here’s a shout-out to Shawn Brink at Eleven Forum, whose X tweet alerted me to this situation. See also the related news item. Thanks!

Note Added 6/26 (One Day Later)

And as I check the running instance of Windows Terminal on Windows 10 right now, it’s been upgraded. My guess is that Windows Store caught it on its usual light-night/early-AM update cycle. And sure enough, here’s visual proof:

Insider stuff, Recent Activity, Troubleshooting, WED Blog, Windows 10, Windows 11

CHKDSK Follies Follow Drive Prep

June 24, 2025 Ed Tittel 2 Comments

Whoa! I’d forgotten how time-consuming and intricate the built-in Window disk checker can be. My pithy summation, as I prep the old drives on my soon-to-be-retired i7 Skylake PC is: CHKDSK follies follow drive prep. And with 9 disk drives to prep and clean up to make that move, that’s more than enough folly for anybody, including me. For the record, I’m using the CHKDSK /f /x command.

What CHKDSK Follies Follow Drive Prep Means

As the lead-in graphic illustrates — it shows 5.25 hours to grind the fix and clean operation to completion — it takes real time to make all this happen. I left it running when I left my desk last night, and the time info was waiting for me when I logged back in this morning. Only 8 drives left to go!

The 5 stages of CHKDSK run as follows:

1. Examining basic file system structure
2. Checking file name linkage
3. Examining security descriptors
4. Looking for bad clusters in user data file
5. Looking for bad, free clusters

Now that I’m on my second of 9 drives it looks like CHKDSK spends most of its time on the two final stages. It took 5.22 hours for Stage 4 on the first drive. The second, now underway, is estimating about the same amount of time for stage 5. I’ll follow up with more numbers later.

Isn’t that just the way things go in Windows-World sometimes? The job has to get done. Then the waiting begins. It can take a while, as these numbers already intimate (and may later show: I’ll keep track).

Total Times (Follow-Up 5 hrs later)

Looks like the CHKDSK stuff is actually all over the place. I had two drives take less than 1 second (!) to complete, most others came in at or around 1 minute (72 seconds, anyway). The first two drives I tried had trouble in need of repairing, and that skewed my impressions. Go figure! All cleaned up now, though.

Cool Tools, Insider stuff, Recent Activity, WED Blog, Windows 11

NZXT H6 Flow Build Comes Together

June 23, 2025 Ed Tittel Leave a comment

OK, then. This weekend, I got the Asrock B550 motherboard and its AMD Ryzen 5800X CPU squared away in its case. As this NZXT H6 Flow build comes together, I’m understanding more about what current PCs look like and can do. The NZXT H6 Flow is a stunner (and a pretty good deal at ~US$110). But I’m still waiting for a few parts to completely finish things up. Let me explain.

As NZXT H6 Flow Build Comes Together, What’s Next?

I ordered the Asus Thunderbolt EX5 adapter for this PC. It eats an x16 PCIe slot, but delivers 2Thunderbolt 5 USB-C ports with up to 120 Gbps aggregate bandwidth. More importantly — to me, anyway — it’s licensed for Thunderbolt Share so I can finally try that app out.

I’m also gradually building up an archive hard disk for that system, to transport all the stuff I might want to access from my current production desktop to the new one. It’s been a long, slow process with a huge amount of data and a stupendous number of files involved. Thus, I’m deciding it may take two drives — one for documents and other data files, another for my massive digital music collection — which means one of them will have to plug in via USB. Still thinking…

I’ve got an Asus PCE-AC56 PCIe x1 802.11ac Wi-Fi adapter from the old build that I could plug into the new one. But shoot, a Wi-Fi 7 version (PCE-BE6500) costs US$80 these days and might be a better choice. It’s only a fallback anyway: I’m already using the built-in 2.5GbE RJ-45 wired NIC, and it’s working like a charm.

I did bump the memory up from 64 to 128 GB (cost me about US$125 DDR4-2666). It’s pretty snappy, and that gives me room for lots of VMs, which I intend to make more use of going forward, while cutting down on the number of physical PCs in my mini-fleet (current count: 11, with one soon to be decommissioned and 3 more charitably donated to the middle school marching band).

Ultimate Goal: Cutover from i7SkyLake to Flo6

My ultimate goal is to retire my current production PC. It’s built around an Asrock Z170 Extreme7+ motherboard and an i7-6700 Skylake CPU. The mobo made its debut in 2015, but I built the system either in 2016 or 2017. In any case, it’s provided at least 8 years of excellent service and is showing its age.

Funny thing that my “new” system is already 4 years old as I cut over. My attitudes — and my budget — have changed a lot since the days in the late 1990s and early 2000s when I built and tested DIY PCs for Tom’s Hardware. Now that I’m paying for everything, I’m squeezing those dollars much harder before I let go of them.

Hopefully, this “new” system will keep me running Windows for at least another 4 or 5 years before it, too, becomes obsolete. That’s just the way things go in Windows-World, where the relentless influx of newer, faster, better keeps washing older, slower, lesser technologies and hardware away. All I can say to comment is: At least I’m still here, overseeing those changes.

Cool Tools, Insider stuff, Recent Activity, Updates, WED Blog

Database Mixup Prompts Bogus Update

June 20, 2025 Ed Tittel 3 Comments

There’s always something interesting going on with WinGet, the MS package manager for installing and updating Windows stuff. Yesterday, a database mixup prompts bogus update orders for Visual Studio 2022. Let’s look at what happened, so I can explain the nit-picky little details involved.

But first: there really is no update involved. In fact, the Visual Studio version numbers are identical: 17.14.6, as you can see in the lead-in graphic. Note that the same version number appears in the columns for both “Version” and “Available.”

Fixing Database Mixup Prompts Bogus Update

The devil for these particular details lies in the difference between the two strings. The info from the “Version” column comes from the local copy of the WinGet source. It includes the parenthetical phrase after the version number — “(June 2025).” The “Available” version info does not include that string. Thus, there’s a mismatch, even though they’re the same base version number.

Simply put, because the version numbers don’t match, WinGet blithely assumes they’re different. Technically, they are. But they differ because somebody erred in creating one version string or the other.

Who’s on the Hook for a Fix?

Why Microsoft, of course, because Visual Studio is their product. Thus, they’re responsible for the package data in the WinGet database. As you can see in the following screenshot, in fact, that fix is already in. It depicts this morning’s WinGet show and WinGet list data for Microsoft.VisualStudio.2022.Enterprise. Note that the version number info now agrees completely. Fixed!

The previous discrepancy is gone. [Click image to view full-sized.]

For further proof, I ran WinGet upgrade –all –include-unknown. It shows that CrystalDiskMark and Edge need updates, but Visual Studio no longer appears. The mismatch is corrected, so it’s no longer incorrectly flagged for update.

I’m a huge fan of WinGet, not least because the team at MS that works on its software and data is on top of things. Good stuff!

Device drivers, Recent Activity, Troubleshooting, WED Blog, Windows 11

Going Old School: X1 Extreme Driver Repair

June 19, 2025 Ed Tittel 1 Comment

In making my rounds this morning, I found the touchpad driver MIA on the Lenovo ThinkPad X1 Extreme (8th-Gen i7 CPU, c. 2018). On a machine of this august vintage, that could mean only one thing. Its driver must have gotten corrupted or gone sideways. That’s how I found myself going old school: X1 Extreme driver repair became my mission. Let me tell you what I did, and how I fixed that problem.

Going Old School: X1 Extreme Driver Repair Manuevers

No cursor from the touchpad meant some kind of driver issue, if not device failure. Hoping for the former, and dreading the latter, I started down the troubleshooting trail, as follows:

1. Reboot the PC. On a new boot-up and login, keyboard works fine but still no cursor. Still no touchpad cursor, so I plug a wired mouse into the USB-A port to shoot more trouble.

2. Inside Device Manager, I find the touchpad driver as a Synaptics item under “Mice and other pointing devices.” I try reloading same via Driver > Update Driver > Browse my computer for drivers, then take what I’ve got from the “Let me pick from a list of available drivers…” branch. Reboot again: still no touchpad cursor.

3. Visit the Lenovo Driver Support page, grab the latest Synaptics Touchpad driver, and install same. Reboot PC again. Voila! Touchpad cursor appears and is working properly. Problem solved…

Final diagnosis: the on-disk touchpad driver had gotten corrupted. Downloading and installing a new one got the touchpad working again. Good-oh!

What’s (or Would Have Been) Next?

If the driver replacement hadn’t done the trick, my next move would have been to visit Settings > System > Recovery, there to hit the Reinstall now button to perform an in-place upgrade repair install. Note: this replaces all drivers as part and parcel of rebuilding the running OS image.

Had that failed, it’s pretty likely I would have had to decide if I wanted to fork over the money for a new touchpad and get it repaired, or attempt those repairs myself. I’m glad things didn’t go that far. Replacing a driver costs only time and effort, but no money. Touchpads aren’t free (Copilot says replacement cost is US$50-70, and if I had to take it to a shop that would add at least another US$100 or so). Again: glad no such repairs were needed. Case closed on a high note: it’s a good day in Windows-World.

Cool Tools, Insider stuff, Recent Activity, Thoughts & concerns, WED Blog, Windows 10, Windows 11

Strange Crystal Dew World Hiccup

June 18, 2025 Ed Tittel Leave a comment

Yesterday, I noticed that both WinGet and PatchMyPC Home Updater hiccuped when trying to update CrystalDiskMark (8.0.6 to 9.0.0) and CrystalDiskInfo (9.6.3 to 9.7.0). This strange Crystal Dew World hiccup (that’s the home site for both apps) got me wondering if the developer had abandoned freeware versions of those tools for ad-driven (installer-based) or for-a-fee (MS Store) versions only. I’m please to report that my presumption was wrong, and new freeware versions for both programs are updating properly now.

What Caused This Strange Crystal Dew World Hiccup?

Apparently there was some delay between when the new version info got broadcast and when the Crystal Dew World website got updated. Indeed I saw web info (which serves as the lead-in graphic for the story) that led me to wonder if ad-driven (ZIP and Installer) or paid-for (Store) versions were the only remaining versions of CrystalDiskMark (CDM) and CrystalDiskInfo available.

This morning, however, when I went back to check again, things were different. I still see the same situation at Crystal Dew World (here’s a link to its CDM download which includes an installer named CrystalDiskMark9_0_0Ads.exe). But WinGet and PatchMyPC can both successfully upgrade these tools now (they threw “hash match fail” errors yesterday) and are proffering ad-free freeware versions that come from sourceforge (you can use WinGet Show CrystalDewWorld.CrystalDiskMark to reveal its database contents).

Updates Take Time to Propagate

I’ve seen similar things happen before — often, with MS facilities such as PowerShell and Windows Terminal — when an update emerges but packages and database contents don’t synch up. All in all, though, I’m glad that freeware, ad-free versions of these useful tools remain available. If they didn’t I’d have to find something else!

And, far too often, such things become necessary here in Windows-World. Not this time, apparently for CDM and CDI. Not yet, anyway… But the ad-oriented interface at Crystal Dew World strongly suggests it could happen if not now, perhaps later.

Cool Tools, Hardware Reviews, Insider stuff, Recent Activity, WED Blog, Windows 11

Interesting ThinkPad T14s Snapdragon Intake

June 17, 2025 Ed Tittel Leave a comment

Here, interesting comes from the purported “Chinese” curse: “May you live in interesting times.” If fact, those times got a little too interesting for me once or twice last week, as I worked my way through intake on a the Snapdragon X version of the ThinkPad T14s from Lenovo (see “Speeds and Feeds” for more of those details). Indeed, I experienced what I choose to call an interesting ThinkPad T14s intake because of WU issues that popped up along the way.

Ultimately, I would have to send the PC back to Lenovo for a replacement because:

(a) I couldn’t repair a Windows Update error on the latest CU

(b) When I tried an in-place upgrade repair install, the PC asked for a BitLocker recovery key during one of the post-GUI install boot-ups. [The lead-in graphic shows this on its way to a fiery crash.]

I’ll admit it: I was caught unprepared. And when the Lenovo Recovery Media facility could only produce a USB key (no digital download for me, alas), an overnight swap was my only way to proceed. Sigh, sigh, and sigh again.

What Interesting ThinkPad T14s Snapdragon Intake Means

For me, it meant an irresolvable issue trying to catch the machine up to current CU levels. For the first time in recent memory the ElevenForum.com reset/reregister WU script failed to fix that, too. Thus I had to avail myself of the “Reinstall now” button in the options available from this Windows 11 24H2 instance via Settings > System > Recovery. That’s what you see as the lead-in graphic above, at 35% complete during the GUI install phase.

Along the way to catching the OS up, I installed a bunch of apps I like to use (12 in all: 7-Zip, Adv IP Scanner, CPU-Z, CrystalDiskMark, Everything, FileZilla, GadgetPack, Notepad++, PS 7.5.1, PowerToys, and Speccy). I also turned on Remote Access so I can view the desktop on a 27″ monitor instead of a 14″ laptop.

It was all good until I tried running WU. It was stuck, stuck, stuck, on the latest CU. It was throwing Error Code 0x800F0905, which Google tells me means “an issue with Windows Update or a corrupted installation file.” That’s why I went to the reset/register script immediately thereafter, and then Reinstall now when that failed as well. As I said earlier, I ended up swapping my ultimately bricked T14s for an identical replacement. It had to retry the stuck CU, but succeeded on a second attempt. So now I have a working T14s to play with for a while.

So following the well-known principle of “If you don’t get it right the first time, do it over,” I reinstalled all the apps I’d added to the first, bricked version. Then I enabled Remote Access so I can use RDP, set up Windows Terminal and PowerShell, and I’m now fully off and running.

Speeds and Feeds, and More

The T14s Gen 6 model that Lenovo sent me includes the following:

Snapdragon X Elite X1E-78-100 CPU (3.4GHz, 12 cores/threads)
Adreno X1-85 GPU (built-in)
Hexagon NPU (delivers 45 TOPS)
32 GB LPDDR5X-8448 MHz RAM
Samsung OEM PCIe Gen4 NVMe 1TB SSD
14″ WUXGA (1920×1200, IPS, Anti-Glare, non-touch)
Windows Hello 1080P PHD camera, fingerprint reader
Qualcomm Wi-Fi 7 NCM825A 2×2 BE & Bluetooth 5.3
2ea USB4 USB-C (40Gbps), USB 3.1 Gen 1 (5 Gbps) ports

As configured the unit currently goes for US$1,259 at the Lenovo Store. It’s sturdy, has a standard ThinkPad look and feel, and both thin and pretty lightweight (2.72lbs/1.24kg). It’s not quite as awe-inspiring as the less expensive Slim 7X model I reviewed almost a year ago, but it’s bigger, beefier, and pretty darn snappy. I will take it on the road with me at my next opportunity and see how it plays.

So far, though, it’s a solid performer and seems to get things done with verve. I look forward to a machine that will let me use the benefits of Copilot+ PCs in the near future. Indeed, that’s why I asked Lenovo to send me this unit. Stay tuned: I’ll tell you lots more, real soon.

Insider stuff, Recent Activity, Troubleshooting, WED Blog, Windows 11

Clearing Windows 11 ARM Spurious Reclaimables

June 16, 2025 Ed Tittel Leave a comment

I’ve got a new laptop in from Lenovo. It’s a peachy-keen ThinkPad T14s (which I’ll describe in tomorrow’s post, so hold on for those deets). Today, what I care about is its Qualcomm Snapdragon X1-E78-100 CPU, which uses ARM64 not AMD64 architecture. This makes a difference, as I learned in clearing Windows 11 AM spurious reclaimables.

“What is a spurious reclaimable?” I hear you ask. It’s a Windows package in the component store (aka WinSxS) that sticks around, even after you run

DISM /Online /Cleanup-Image /StartComponentCleanup

to have it clean up reclaimable packages in said store. I blogged about this in March, when I explained how a single DISM /Remove-Package command could clear up two (2) spurious reclaimables seeingly built into Windows 11 24H2. This came courtesy of VIP expert @Bree at ElevenForum.com.

How-to: Clearing Windows 11 ARM Spurious Reclaimables

It turns out that those spurious packages for ARM64 are more or less the same as those for AMD64. But the names are slightly different for one of them. Unlike AMD64 a single /Remove-Package does NOT suffice to clear up both spurious reclaimables. Instead each package must be removed individually, as follows:

1. The initial syntax for each command line is the same: DISM /Remove-Package /Packagename:

2. The first package name replaces the “AMD64” with “ARM64” in its name with no further changes — namely Package_for_RollupFix~31bf3856ad364e35~arm64~~26100.1742.1.10

3. The second package name does the same substitution, but drops the minor version numbers from the end, too — namely Microsoft-Windows-FodMetadataServicing-Desktop-Metadata-Package~31bf3856ad364e35~arm64~~10.0.26100.1742

If you build up the entire command strings with the common stuff from item 1 above plus the bold text in item 2 (1st command) and item 3 (2nd command) you’ll clear out both spurious packages for Windows 11 24H2 ARM. Just a little bit different, but it does the trick.

Cheers!