Windows, Zombie Processes, and bullshit code

Hi, In my work at Tanium I do a bit of debugging and performance analytics. Over the last 2-3 years, a LOT of this has centered around how Windows systems get slower and slower over time. This has been a common complaint/statement of ridicule/FUD since I started my career in IT 26 years ago in …

CVE-2021-26807 – GOG GALAXY v2.0.35 DLL Load Order Hijacking

Authors: Brian Papile and Jeff Stokes Executive summary The GOG Galaxy version 2.0.35 was vulnerable to a DLL Load Order Hijacking vulnerability. The vendor has patched the vulnerability and released version 2.0.37, as of March 30, 2021. Discovery This vulnerability came about when we tried to uninstall the Folding at Home Client, but its folder …

Exploring the hidden opportunities of sudden change in enterprise IT management.

Tanium’s blog post featuring Lumentum’s CIO Ralph Loura’s blog post really resonated with me on a couple of levels. The one thing in life that seems predictable is change. I know it is a bit cliche, but this has been true in my life. While sometimes it is difficult to see the positive aspect in situations, it seems  to me …

EDRefCard.info is down! Long live EdRefCard! How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous.

<no longer needed, EDRefCard.info is back up!!!> How to set up your own instance of EdRefCard so you can create a card for your HOTAS config in Elite Dangerous. Share with friends, import friends config files and get cards made for those. What? – This used to be served at https://edrefcard.info but the site has …

Windows 10 Task Manager ‘% CPU’ skew – A Tale of Two Metrics

EDIT: My co-worker, Aaron Margosis, wrote his take on this issue, you can read about it here: Task Managers CPU Numbers Are All But Meaningless! Windows 10 Task Manager is often used by end users to gauge the performance of their machine, especially when they think something is amiss. There are several reasons why this …

How to collect a boot trace on Windows 10 using xbootmgr

Sometimes in support you’ll be asked to collect a boot trace to help troubleshoot slow boot or slow logon scenarios. The symptoms are a long time passes from startup to the CTRL+ALT+DEL or  from CTRL+ALT+DEL to a usable desktop experience. This blog will walk you through the steps needed to do this. While you can …

Windows 10 20H2 boot trace – dropped events

TLDR: At time of writing, Windows 10 20H2 has a bug where the default buffer allocations in boot tracing are inadequate to capture the data of a boot trace. The fix is pretty simple, use good old xbootmgr instead. This is a binary from the older ADK and gets installed when you install the current …

What’s using your video RAM? Xbox Game Services naturally…

Applies to: Windows 10, Gamers   One of my routines when installing Windows 10 fresh (or updating builds when it wipes my preferences) is to change Task Manager’s view to report on additional columns of value.  Let me show you what I’m doing: My machine has an uptime of 1 day, 15 hours. I game …

Microsft Edge – “This site is trying to open” dialog box hell – Fix

Applies to: Edge I was downloading mods to start up a game of Witcher 3 and every time I tried to download a mod to Vortex, this dialog box appeared, which no “ffs stop asking this” option. This gets tedious quite quickly. So, this article walks you through getting around the warning: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#externalprotocoldialogshowalwaysopencheckbox But, this …

Exit mobile version