September Update

Contributor: Matthew Eady

It’s possible that we’re not getting a major September update—ACNH hasn’t shown outward effects of COVID-19 yet, but that could change. Even so, I’d expect to here more about some manner. Sep 09, 2020 The September 2020 update for Windows 10 May 2020 Update is Build 19041.508, and it comes with a long list of improvements. Even if you skipped several months’ worth of updates (cumulative.

[Notice: The Critical Threats Project frequently cites sources from foreign domains. All such links are identified with an asterisk (*) for the reader’s awareness.]

The al Houthi movement has waged a self-declared “deterrence” campaign against Saudi Arabia for the past year as a messaging effort to present an al Houthi victory against the Saudi-led coalition and Yemeni rivals as a fait accompli.The al Houthi movement’s military spokesman has claimed four attacks on Saudi Arabia since August 2019 as part of a “balanced deterrence” campaign framed as a response to the coalition’s continued air campaign and blockade in Yemen. These claimed attacks occurred in August 2019, September 2019, and February and June 2020. They included drones and ballistic and cruise missiles. The most serious attack in this series was the September 2019 attack on Saudi oil facilities in Abqaiq, which the al Houthi movement claimed but it did not conduct.

The al Houthis launched the balanced deterrence campaign to secure concessions from Riyadh at a time when Saudi Arabia was under particular strain in Yemen. The United Arab Emirates (UAE), a key Saudi-led coalition partner, reduced its forces in Yemen in late spring 2019, reducing the coalition’s operational capacity. When tensions between southern Yemeni factions and Yemen’s internationally recognized government escalated in August 2019, the coalition had to draw some of its resources away from fighting the al Houthis in northern Yemen. That same month, the al Houthis attacked a Saudi oil field, claiming their largest attack yet on Saudi soil. The following month, the al Houthis claimed responsibility for the Abqaiq attack, which US intelligence assessed was conducted from inside Iran, not Yemen. The al Houthi movement nonetheless sought to capitalize on Abqaiq’s effect on Saudi Arabia and declared a unilateral halt on cross-border drone and missile attacks that September. Saudi Arabia accepted a partial cease-fire in Yemen the same month.

The al Houthi movement breached its unilateral pause in cross-border attacks four months later, setting the stage for resumed high-profile attacks on Saudi Arabia. The al Houthi movement targeted Saudi oil facilities with rockets and drones in late January before resuming a high-profile attack on the kingdom in February. The February drone and missile attack targeted the kingdom’s oil facilities, signaling a continued effort to pressure the kingdom to accept a détente as Saudi Arabia sought to exit Yemen’s war. The al Houthis also conducted an attack targeting the kingdom’s security infrastructure in June, which included the Ministry of Defense. This attack *marked an expansion of the balanced deterrence campaign’s targets beyond Saudi oil facilities in an attempt to degrade the kingdom’s military capabilities.

The timing and nature of the balanced deterrence attack claims indicate that the campaign also has a domestic audience. The al Houthi movement has sought to control the information space in its territory, including by persecuting journalists. The balanced deterrence attacks may be timed as retaliation against Saudi-led coalition air strikes that cause high civilian casualties in Yemen.

The al Houthi movement appears to launch attacks under this campaign within weeks of Saudi-led coalition air strikes that causehigher-than-average civilian casualties. The al Houthi movement has not connected balanced deterrence claims to particular air strikes in Yemen, however. Coalition air strikes in summer 2020 have caused civilian causalities just below the number of casualties that appear to have prompted al Houthi retaliation in the past. These air strikes did not prompt the al Houthi movement to claim a fifth attack under this campaign, warranting further analysis.

Update

The al Houthis’ claim of responsibility for the September 2019 attack on Saudi oil facilities at Abqaiq, which US intelligence assessed was conducted from Iranian territory, may also be projecting strength to a domestic audience, given that such a claim could not have been expected to fool an international audience for long. The al Houthi movement’s decision to include a false attack claim in the balanced deterrence campaign may indicate possible Iranian coordination, but open-source information to support al Houthi–Iranian coordination on Abqaiq is lacking.

The al Houthi movement can threaten critical infrastructure in Saudi Arabia and possibly the UAE, even if the al Houthis’ own claims of their operations are overstated. Iran has enabled the development of the al Houthis’ advanced capabilities since 2015.[1] The al Houthi movement’s evolution and its position inside Yemen will remain key concerns for Saudi Arabia, particularly if the al Houthi movement grows closer to Iran.

Timeline of the balanced deterrence campaign

  • August 17, 2019: First balanced deterrence attack. The first attack *targeted Saudi Aramco’s al Shaybah oil field. The al Houthi movement claimed using 10 drones, stating that this was the “largest” al Houthi attack on Saudi territory since the Saudi-led coalition’s intervention in Yemen in 2015.
  • September 14, 2019: Second balanced deterrence attack. The second attack originated in Iran and targeted Aramco’s Abqaiq and Khurais oil refineries in eastern Saudi Arabia. The attack temporarily reduced the kingdom’s oil production by half. The al Houthi movement falsely claimed the attack, *stating that it used 10 drones. US and UN investigations have assessed that Iran conducted the attack from its territory using drones and missiles.
  • February 21, 2020: Third balanced deterrence attack. The third attack targeted Aramco and “other sensitive targets” in the kingdom’s western Yanbu province. The al Houthis *claimed using 12 Sammad-3 drones, two Quds-1 cruise missiles, and a Zulfiqar ballistic missile. The al Houthi movement claimed the attack successfully hit its targets, but Saudi Arabia claimed to have intercepted the attack.
  • June 23, 2020: Fourth balanced deterrence attack. The fourth attack targeted royal palaces, the intelligence headquarters, the Ministry of Defense, the headquarters of aviation, and the headquarters of King Salman Air Base in Riyadh. The attack also targeted unspecified military structures in the southwestern Saudi cities of Jizan and Najran. The al Houthis *claimed *using an unspecified number of Quds-1 cruise missiles, Zulfiqar ballistic missiles, Sammad-3 drones, and a “new long-range winged missile,” which it has not yet revealed. The al Houthi movement claimed damaging the Ministry of Defense. Confirmation of such damage remains inconclusive.

Al Houthi attacks on Saudi Arabia and the UAE: 2016–2020

Updated as of September 17, 2020

[Note: This map does not include six reported al Houthi attacks between August 16, 2020 and September 7, 2020 that occurred in unspecified locations in southern Saudi Arabia.]

Map Key

Yellow pins: Attacks claimed by the al Houthis. Includes successful and attempted attacks.

Blue pins: Attacks by other actors that the al Houthis falsely claimed.

Green pins: Attacks claimed by al Houthis but denied by Saudi Arabia or the UAE.

[1] The US Navy interdicted significant Iranian weapons shipments intended for the al Houthis in the Arabian Sea in November 2019 and February 2020. The February Iranian weapons shipment included missiles capable of downing US military helicopters.

[German]Microsoft’s September 2020 patchday (B and C week) is now over. It’s time for a short overview of the issues caused by updates for Windows 10 and its server counterparts.

September Update
Advertising

Let’s see if and what optional updates are coming this week. But the previous updates have driven some users into problems – sometimes it was additional software or hardware that was responsible. But sometimes the (security) updates have also caused problems in Windows 10.

Update issues

At this point I’d like to list some issues I’ve picked up in this blog. Forum messages of the kind ‘cannot install update xyz’ I will leave out, because they are often quite unspecific.

Bitdefender blocks Update

Users with Bitdefender antivirus protection and working with Windows 10 version 190x had a problem with the September 2020 patchday. The security solution incorrectly blocked the Windows 10 cumulative update KB4574727 as malicious. I had addressed the details in the blog post Windows 10 V190x: Bitdefender Antivirus blocks Update KB4574727.

Windows 10 2004: Update KB4571756 collides with applications

The cumulative security update KB4571756 released by Microsoft on September 8, 2020, causes issues with the Explorer and possibly crashes in connection with various applications. I had reported in the blog post Windows 10 2004: Update KB4571756 collides wit Paint Shop Pro 7 about issues with the graphics program Paint Shop Pro 7. In the meantime I have also received hints about the same issues with Word 2007 and Edit Plus. They are all old applications, but something in the Windows shell seems to have problems with these programs. Annoying for the people concerned.

September Updates

Update causes BSODs on Thinkpads

Users of Lenovo ThinkPads with Windows 10 Version 2004 and Lenovo Vantage software are annoyed by BlueScreens (error SYSTEM_THREAD_EXCEPTION_NOT_HANDLED in ldiagio.sys) caused by updates. The first updates causing this were released as previews at the end of July 2020.

Advertising

Microsoft has confirmed the problem and the cause, the correction must be done by the Lenovo Vantage software. I have the issue in the blog post Windows 10 2004: Microsoft confirms BSODs on ThinkPads caused by Updates.

Windows Subsystem for Linux broken

There are reports that the last cumulative update for the Windows 10 May 2020 update (version 2004) breaks the Windows subsystem for Linux (WSL 2). After installing the update, this business function can no longer be used. Details about this issue I have discussed in the blog post Windows 10 Version 2004: Update KB4571756 breaks WSL 2. Windows 10 Version 2004: Update KB4571756 macht WSL 2 kaputt besprochen.

Upgrade to Version 2004 blocked for LTE systems

At the end of August 2020, Microsoft also suspended the Windows 10 upgrade to the May 2020 update (version 2004) if LTE modems are installed. There are then problems with drivers. I had pointed this out in the blog post August 2020 update causes BSODs on ThinkPads – Upgrade suspended on LTE systems.

Miscellaneous issues with updates

In connections with preview updates and the Edge-Browser I noticed some more ambiguities, which I would like to touch on briefly.

September Update For Clash Of Clans

September UpdateAmong

Confusion about Defragmentation Bug Fix

In Windows 10 version 2004 there was a problem from the beginning that hard disks and SSD drives were optimized unnecessarily often by the Windows defragmentation. Windows 10 Version 2004 forgot when the last optimization was performed. The defragmentation bug was then corrected by an update in August 2020. But only the cumulative update KB4571756 seems to have fixed the bug when optimizing SSD drives. I had discussed this issue in the blog post Does Update KB4571756 fixes the SSD defrag bug in Windows 10 V2004?.

Trouble with update to Chromium-Edge

Microsoft is trying to install the new Chromium Edge browser for its Windows 10 users. Cumulative updates were provided for this purpose. The update KB4559309 is used to update the old Edge-Browser to the new Chromium-based version and is rolled out since June 2020 for Windows 10 version 1803, 1809, 1903, 1909 and 2004 (Home- and Pro-Edition). I had in the blog post Windows 10: Chromium Edge are rolled out to user.

The problem with this update is that installing it can cause collateral damage to Windows 10 systems. I had pointed this out in the blog post Edge Update KB4559309 may slow down Windows 10. Some users noticed after installing the update that the Windows 10 systems booted very slowly. A community moderator at Microsoft Answers then confirmed that the Microsoft Edge development team is investigating the whole thing.

Now Microsoft has replaced this old update with the new update KB4576754. Background for this replacement update are probably slow booting Windows 10 systems after applying the update KB4559309, but this was not documented in the support article. I have replaced the details in the blog post Windows: Edge Update KB4559309 replaced with KB4576754, fixes performance issues.

September Update On Zara's Nikah

wsecedit.dll error when loading a MMC snap-in

Security update KB4577015, dated September 8, 2020, causes problems on Windows Server 2016, which acts as the domain controller. The Group Policy Editor (gpedit.msc) throws a wsecedit.dll error when loading an MMC snap-in when changing security options. I have addressed this in the article Windows Server 2016: Update KB4577015 throws a GPO MMC wsecedit.dll error. In this Microsoft Q&A post someone published a workaround (just delete the given registry entry).

Further problem reports

In the internet I found some more reports about various errors on various websites. So there are again reports that the start menu and the search in Windows 10 cause problems. A reddit.com user describes it in this thread. Windows Latest warns in this post that update KB4571756 could damage the Windows 10 start menu. On askwoody.com there is also this forum post where a user reports that a vulnerability in WSUS was silently fixed.

Similar articles:
Microsoft Office Patchday (September 1, 2020)
Microsoft Security Update Summary (September 1, 2020)
Patchday: Windows 10-Updates (September 8, 2020)
Patchday: Windows 8.1/Server 2012-Updates (September 8, 2020)
Patchday: Updates für Windows 7/Server 2008 R2 (September 8, 2020)
Patchday Microsoft Office Updates (September 8, 2020)
Windows 10 V1809/190x: Preview Updates (September 16, 2020)
.NET Framework Preview Updates (Sept. 16, 2020)

Cookies helps to fund this blog: Cookie settings
Advertising