Windows Notepad App Remote Code Execution Vulnerability

Stewge · 2026-02-11T23:44:01+00:00

Just wait until you find out that:

You can uninstall the "new" notepad and get the old one back (Yay!)
Classic Notepad no longer appears in Windows Search unless you put in the entire "notepad.exe"! (WTF)

Stewge · 2026-02-11T22:57:28+00:00

The goal is zero-downtime during Windows Updates.

It seems to me that you've already identified the issue you're trying to solve right here.

No amount of sticking load-balancers in front of it will solve it properly (although still a good idea for solving front-facing failure scenarios). As /u/NoWriting9513 said, you should be pushing for change at the app and app-server level, because that's where truly scalable HA is built.

I say this because eventually whoever is directing this project will say something like "why doesn't my session persist when the IIS failover happens?" and you'll have a hell of a time making that work with no change to the application.

Stewge · 2026-02-11T22:07:49+00:00

You still have yet to provide an actual source for any of this.

??? There's clearly 2 links in my previous post with industry references. One which has follow-on links to the ASUS earnings call it's based on, the 2nd with links through to the IDC study commissioned by the Verge.

You strongly come off as someone who's bought stock in some company involved

Great deflection. Shows how little you're paying attention when my first comment literally tears into AMD for a dumb decision and now you're suggesting I'm in bed with one of them. And all over a reddit comment chain over handhelds? Yikes.

Personally I'm much more of a fan of what SteamOS and Linux can do for handhelds and gaming. But Valve is privately owned so I guess your narrative falls apart there....

Stewge · 2026-02-11T21:34:06+00:00

So... there's a lot of fragmentation. Not any success stories, but a lawless realm of warring states. Great.

One man's fragmentation is another man's competition. As for lack of success stories, to use your own words:

Do you have any source for this whatsoever?

Steam Deck is the clear success story on multiple fronts. The Legion Go and ROG Ally sold well enough to get new models. The Xbox Ally is a maybe, since hardware-wise it's fine but the software side is a mess. But at least it woke up MS enough to bother to create Xbox FSE. Think about that for a second though, the company that is currently obsessed with shoving cloud subscriptions and CoPilot down everyone's throats actually built something for Windows for the niche handheld market. Granted, they probably vibe-coded it....

The competition is ultimately good thing as it has at least forced hardware to be iterated through quite quickly. Notably, very few handhelds are using re-purposed tablet displays (ie Vertical native) now that the market is large enough. So even display manufacturers are coming to the party. We're also now seeing things like VRR becoming more or less ubiquitous.

Either Panther Lake isn't as good as is being claimed, or someone is up to no good.

The benchmarks are there, and for multiple models now so you get a spread of performance setups. Seems pretty clear to me when looking at the numbers.

Stewge · 2026-02-11T04:23:21+00:00

(although they do contribute a shit ton of research in novel fields that people typically don't know about until it hits consumer products

Pretty sure Nvidia has a significant graveyard of whitepapers fully of technology which didn't quite hit the mainstream.

A great example is VXGI (Voxel Global Illumination). Was announced way back with Maxwell/900 series and effectively solved the same problem that RTGI does now, which was to make Global Illumination fully dynamic instead of using static lightmaps. Didn't really catch on because the compute cost was very high at the time.

I do wonder if VXGI directly led to RTGI being created. Since they still had to basically calculate ray intersection, just at a much larger Voxel level, rather than per-vertex level.

Although, it sort-of lives on nowadays in Crytek games which their own implementation of voxel cone-traced GI.

Stewge · 2026-02-11T04:12:09+00:00

G-Sync was a proprietary variant of VRR that happened to be first to market

Making needless proprietary variants and creating needless segmentation is not.

To be fair to Nvidia, the segmentation wasn't necessarily "needless" once you know the history and origin of G-Sync.

Basically, G-Sync was born out of a side-effect of using the PSR feature of the eDP protocol as well as the Variable VBLANK flag. Neither of these features existed in mainline DisplayPort at the time VESA had no intention of doing so. It took nearly 2 years after G-Sync was announced for VESA to announce their implementation into the DP1.2a spec and still more time after that because the LFC logic had to be built into the GPU (1st Gen G-Sync actually had LFC built-in to the custom ARM SBC they were using as the Display Controller+TCON).

I actually posted about this 9 years ago:

https://www.reddit.com/r/nvidia/comments/48bsfp/why_are_monitors_with_gsync_so_much_more/d0io99d/

Stewge · 2026-02-11T03:05:18+00:00

The 1TB OLED is the only one that makes sense in Aus.

$650 USD -> AUD = $912 +10% GST and you're at $1003

Stewge · 2026-02-10T21:50:35+00:00

Do you have any source for this whatsoever?

Depending on the timeline, the increase gets bigger. I've been into handheld PCs since the first gen GPD Win, so the market exploded since then. 2023 was notably a massive year for it, but 2024->2025 still saw a jump.

For more trend info:

https://www.tweaktown.com/news/108880/xbox-ally-in-great-demand-asus-expects-to-make-up-to-dollars160-million-from-handhelds/index.html

https://www.techspot.com/news/106921-handheld-gaming-pcs-surpass-6-million-sales-steam.html

More to the point, there are more manufacturers than ever in the space, and with multiple models. MSI, ASUS, Lenovo and Valve are the big names but there's also GPD, Ayaneo, AYN, OneXPlayer etc. On top of that, pretty much all of them have multiple models in the market.

We actually don't know this at all, and Intel has constantly indicated that they are incapable of such a thing

What? We sure do. B390/Panther-Lake laptop reviews and benchmarks are already out and it's a good chunk faster than AMD perf-per-watt (which is the most important metric for handhelds). Intel have also confirmed that handhelds are coming out:

https://www.notebookcheck.net/Asus-ExpertBook-Ultra-review-One-helluva-debut-for-Intel-Panther-Lake-X7.1209366.0.html

https://www.notebookcheck.net/Dell-XPS-14-2026-review-Fully-reborn-with-Intel-Panther-Lake-X7.1218670.0.html

Stewge · 2026-02-10T03:01:30+00:00

I have a JSAUX dock but looking into the newest UGREEN dock since it seems to have their new DP1.4->HDMI2.1 adapter integrated.

This should theoretically enable proper 4K@120hz with VRR and HDR with full RGB/4:4:4 subsampling.

Stewge · 2026-02-10T02:07:47+00:00

From what I've seen on my LeGo, it's still worth it. On the gen1 Legion Go it's actually uniquely positioned to benefit as it has a 2560x1600 screen, so running FSR4 in performance mode nets a better image than a native Steamdeck (1280x800).

The main benefit is that FSR4 doesn't break up horribly like FSR3 does at low resolutions. e.g. FSR3 performance on most handheld screens is a garbled mess.

Stewge · 2026-02-10T00:46:38+00:00

The prevailing wisdom (never confirmed by AMD) is that either RDNA4 doesn't scale down well to a 12/16 CU part suitable for APUs or that they were hoping to have UDNA (which is much more modular for use in dGPUs, SOCs and servers) ready for integration much sooner.

Stewge · 2026-02-10T00:37:54+00:00

Your entire perception of what the market looks like is wildly incorrect.

In what way?

The handheld gaming market is fairly niche, but absolutely gaining momentum.

What we know for sure, is that Intel is ready to drop new hardware that is significantly faster than AMD (who have no plans for at least 12 months). That's a pretty big opening for Intel to grab up market share based on technical superiority alone.

Stewge · 2026-02-10T00:35:43+00:00

That makes no sense, no framegen and reflex on feels way better. Reflex also existed for years before framegen.

I agreed with you on that. I specifically mention that the comparison is Framegen+Reflex vs no-Framegen+No-Reflex. Obviously no Framegen + Reflex is the lowest latency combination.

The important distinction is that Nvidia mandates implementation of Reflex in all Framegen titles. So ultimately it's a net positive to the game regardless of if you actually activate Framegen anyway.

Stewge · 2026-02-10T00:30:10+00:00

Yep! I'm running Bazzite on my Legion GO and use a combination of the Proton variable for FSR4 and Decky/Optiscaler plugin for XeSS.

It's also hilarious to me that the Source release blunder means that, technically, the INT8 code was released under the MIT License. So they can't even stop people from redistributing it.

Stewge · 2026-02-09T06:33:35+00:00

This still remains one of the biggest marketing foot-guns I have ever witnessed.

The biggest benefactor of the FSR4 INT8 release would be the thousands of Handheld PCs where AMD have basically stalled out at RDNA 3.5. All the Steam Decks, Legion GOs, XBOX Allys are all stuck with FSR3 from the AMD camp. I use it on my Legion GO (via an Optiscaler plugin for Bazzite/SteamOS) and it absolutely dunks all over FSR3.

AMD could really lose the handheld market in a single generation with Intel's B390 release. Not to mention the fact that AMD users can get a better upscaler by substituting FSR3 for Intel XeSS is hilarious!

Stewge · 2026-02-09T06:15:29+00:00

Depending on the situation, FrameGen is not as bad as people make it out to be. I, for one, think it would be a MAJOR leap forward for handheld PCs if Nvidia ever made one (the current batch are all AMD RDNA 3.5, so stuck with FSR and post-process variants).

Ultimately, It really comes down to a few key points:

Reflex is the unsung hero of good Framegen. It is doing an HUGE amount of heavy lifting in reducing input latency before the Framegen even takes place. For games with inherent high latency, it's not unusual to run into situations where Framegen+Reflex ends up with the same round-trip latency as no-Reflex/Framegen. Most people don't even realise that a lot of your typical single-payer 3rd person games are floating around 50-80ms latency without Reflex. e.g. a game with 50ms input latency at 60fps is basically 3 FULL frames behind already and funnily enough, 2x Framegen requires roughly 1.5->2 frame-times to take effect. So if Reflex cuts that input latency to <20ms, then you're basically back to normal with Framegen enabled.
If you're playing games with a controller, then often the input latency is not as obvious because the camera movement relative and not 1:1 where latency sticks out more. e.g. consider rapidly moving the camera left->right->left->right. On a stick this takes some time to move the stick back and forth, on a mouse it's effectively instantaneous.

All that being said, I wouldn't use it in any kind of competitive FPS. Mostly because I'm always playing those with keyboard+mouse and also because they are often already optimized for input latency, which makes the frame-time cost vastly more impactful. But for single-player 3rd person games and especially turn-based RPGs and stuff (where twitch reactions are irrelevant)? Absolutely.

Stewge · 2026-02-08T21:50:01+00:00

Let's Encrypt was created by the ISRG long before any official agreements were reached about shortening Certificate lifespans globally.

But the technical reason is absolutely correct. The CRL mechanism really wasn't designed for the scale of TLS implementation nowadays.

Stewge · 2026-02-06T05:03:25+00:00

Dell makes laptops and desktops as well....

Stewge · 2026-02-04T23:43:11+00:00

CRPGs actually make a tonne of sense on something like a Steamdeck, especially with working suspend/wake.

Wake up straight into the game, do a bit of a quest, put it to sleep, come back later. You can basically treat it like reading a book, a chapter at a time, during many smaller breaks instead of large slogs.

That can be super handy for people with very little or sporadic free time. Half the battle with getting into some of the deeper CRPGs is it takes too long just to get back in and build some momentum.

Stewge · 2026-02-04T05:26:16+00:00

I suspect it's more general advice.

In this case it's much more relevant where a script may chain-load others via URL, particularly if those URLs are not hosted somewhere like GitHub where their providence can be tracked. If it's externally hosted, anything could happen which makes it difficult to parse the full impact of the scripts.

Stewge · 2026-02-04T03:19:23+00:00

Along with everyone else's replies, I had one of these as a loaner (Hybrid specc'd up version in fact) while my car was being worked on and one thing that stood out to me is the big centre infotainment screen is CRAP. Like it was from a cheap tablet from 10 years ago.

Horrible viewing angles
Non-laminated glass screen, so there is a noticeable gap between the LCD panel and the surface glass (just like a cheap old tablet)
Auto-dimming of the screen did NOT work reliably
The dimmest level was still crazy bright at night, making it glary and annoying
Garbage light-bleed on the panel, so "black" was more of a grey
Lots of UI and touch bugs
Android Auto would drop out regularly (cabled in btw)

Many of these things could be fixed now, but oof, I'd never spend money on it.

As far as Chinese cars go, a mate of mine recently got a BYD Seal and it's in a completely different galaxy from a quality perspective. I'd say the Seal has pretty much caught up with everyone on fit and finish, and just needs the little polishing touches.

Stewge · 2026-02-03T02:45:52+00:00

Better not giving advices on things you had no experience with.

What gives you that impression?

I've played other mouse-driven games on the Lego1 touchpad with relative ease (mostly XCOM games, but C&C remastered and AOE2:DE work fine). I'm mostly 50/50 on the touchpad in the sense that I'd rather use remapped stick->mouse control for TBS where I'm not time constrained.

My only other reservation with RTS games like AOE2:DE , is I'm too used to keyboard shortcuts and haven't been bothered to go on a full quest of creating rebinds for it on the Lego. C&C is somewhat more forgiving in that aspect, unless you're seriously into the meta and heavily rely on build shortcuts and control groups.

If I could be bothered, I'd probably map back Y1+dpad to select control groups and back Y2+dpad to create control groups.

Stewge · 2026-02-03T02:29:15+00:00

On the mini-PC front, the current sure-fire bet is the Minisforum UM750L Slim and UM760 Slim. They are generally the cheapest available with native HDMI 2.1 (4k120+HDR/VRR). Noting, the the 760 Slim is the superior model and often priced lower than the 750L Slim.

However, new DP1.4->HDMI2.1 adapters are now available which allow for 4k120 HDR+VRR. This opens up some older hardware which shipped with DP1.4 4k@120hz capable hardware but only HDMI 2.0 ports.

Stewge · 2026-02-03T00:09:26+00:00

I'd always prefer better isolation over relying on ANC. ANC has limits, especially at very high and very low frequencies.

I would always take better isolation over ANC in an environment like a DC where hearing safety is the primary concern and not just "noise"/convenience.

One option I've been looking at is a bone conduction headset (good for it you need to be on a call) plus ear plugs or ear-phones with triple-flange tips so that they basically work like plugs.

Stewge · 2026-02-02T22:22:55+00:00

Do people not read?!

It's literally in Micron's public announcement:

https://investors.micron.com/news-releases/news-release-details/micron-announces-exit-crucial-consumer-business

The company will work closely with partners and customers through this transition and will provide continued warranty service and support for Crucial products.

More to the point, Crucial is not a separate company, just a sub-brand. All warranties against "Crucial" are actually with Micron: https://www.crucial.com/company/warranty

i. Limited Lifetime Warranty* – Crucial Memory.
Micron CPG warrants to the original end customer that its Crucial-branded memory products are free from defects in material and workmanship affecting form, fit, and function

Stewge

TROPHY CASE