We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

inetpub folder

If you deleted that mysterious Windows file Microsoft told you not to, there's a new script to restore it
Winsage
June 9, 2025

If you deleted that mysterious Windows file Microsoft told you not to, there’s a new script to restore it

The 'inetpub' folder, which appears on system drives (C:) after the April 2025 security update for Windows 10 and 11, is essential for protecting users against the security vulnerability CVE-2025-21204. This vulnerability involves improper link resolution before file access and can allow an authorized attacker to escalate privileges. Although the folder may seem empty and Internet Information Services (IIS) might not be in use, its deletion can compromise the effectiveness of the security patch, exposing systems to vulnerabilities. Microsoft recommends using a PowerShell script to restore the folder if deleted, rather than recreating it through IIS, which may add unwanted system folders.
Microsoft Issues Critical Windows Update—Do Not Delete This
Winsage
June 6, 2025

Microsoft Issues Critical Windows Update—Do Not Delete This

Users may face a significant vulnerability related to a Windows update from April 2025, particularly concerning the "inetpub" folder, which is essential for the security of Windows 11 systems. Microsoft clarified that this folder, linked to Internet Information Services (IIS) and necessary for hosting capabilities, should not be deleted. If users have removed the folder, they must restore it to address the security patch for CVE-2025-21204, as its absence can lead to risks such as privilege escalation and unauthorized access. Microsoft has provided a PowerShell script to restore the folder without enabling IIS, and users are advised to follow specific commands to execute the fix. However, many users may not take action, leaving their systems vulnerable.
Microsoft’s New Windows Update — 1 Billion Users Warned: Do Not Delete
Winsage
May 10, 2025

Microsoft’s New Windows Update — 1 Billion Users Warned: Do Not Delete

Windows users are facing security challenges, including zero-day vulnerabilities and hackers bypassing Windows Defender. Microsoft has removed VPN provisions for Windows Defender and discontinued security support for Windows 10, but users can upgrade to Windows 11 for free. Following the April 8 Patch Tuesday updates, a new folder named "inetpub" appeared on user devices, which Microsoft has warned users not to delete, as it is essential for security protections. This folder is generated after installing updates and is traditionally associated with the Internet Information Services (IIS) web server platform, regardless of whether IIS is installed. If users have deleted the inetpub folder, it can be restored by enabling IIS through the Windows Control Panel.
Windows "inetpub" security fix can be abused to block future updates
Winsage
April 25, 2025

Windows “inetpub” security fix can be abused to block future updates

A recent Microsoft security update has created a new 'inetpub' folder in the root of the system drive, linked to a fix for a Windows Process Activation elevation of privilege vulnerability (CVE-2025-21204). This folder has appeared on systems without Internet Information Services (IIS) installed. Microsoft advises users not to delete the folder, as it enhances system protection. However, cybersecurity expert Kevin Beaumont has shown that the 'inetpub' folder can be manipulated by non-administrative users to create a junction that redirects to a Windows file, potentially obstructing future Windows updates and resulting in a 0x800F081F error code. Microsoft has classified this issue as "Medium" severity and has closed the case, indicating it may be addressed in future updates.
Microsoft's Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw
Winsage
April 25, 2025

Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw

In early April 2025, Microsoft addressed a security vulnerability (CVE-2025-21204) related to symbolic links in the Windows servicing stack, specifically affecting the c:inetpub directory used by Internet Information Services (IIS). The updates created the c:inetpub folder with appropriate permissions to mitigate risks. However, this fix introduced a new denial-of-service (DoS) vulnerability, allowing non-administrative users to create junction points on the c: drive, disrupting the Windows Update mechanism. A command such as "mklink /j c:inetpub c:windowssystem32notepad.exe" could be used to exploit this flaw, preventing systems from receiving future security patches. As of April 25, Microsoft had not released a patch or acknowledged the issue, leaving systems vulnerable and emphasizing the need for monitoring user permissions and manually removing suspicious symlinks.
Microsoft mystery folder fix might need a fix of its own
Winsage
April 24, 2025

Microsoft mystery folder fix might need a fix of its own

Microsoft's recent patch for CVE-2025-21204 inadvertently reintroduced the inetpub folder at c:inetpub as part of its mitigation strategy, raising concerns among system administrators. Security researcher Kevin Beaumont discovered that this folder created a new vulnerability when he used the mklink command with the /j parameter to redirect the folder to a system executable (notepad.exe). This allowed standard users to prevent Windows updates without administrative rights, as the command could be executed on default-configured systems. Beaumont has notified Microsoft of this vulnerability, but the company has not yet responded.
An empty folder in Windows that «cannot be deleted» can permanently block OS updates
Winsage
April 24, 2025

An empty folder in Windows that «cannot be deleted» can permanently block OS updates

The inetpub folder, introduced in the April update of Windows 11 (version 24H2) as part of a fix for the CVE-2025-21204 vulnerability, has raised concerns among security researchers. It can be manipulated to block Windows updates without administrative rights by creating a symbolic link to notepad.exe, which can lead to a rollback of patches and leave the system vulnerable. Microsoft has not yet responded to this issue, and the possibility of a patch to address the new vulnerability is still open.
Microsoft security patch opens up new security vulnerability
Winsage
April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.
Windows 11's mysterious ‘inetpub’ folder might be more dangerous than we thought
Winsage
April 24, 2025

Windows 11’s mysterious ‘inetpub’ folder might be more dangerous than we thought

Windows 11 users have been warned about a potential vulnerability associated with the inetpub folder, introduced in the April 2025 security update. Security researcher Kevin Beaumont raised concerns that hackers could exploit this folder to disable essential security updates by creating "junction points" within the system's directory. This could lead to installation errors or force a rollback to previous system states due to a denial of service (DoS) vulnerability in the Windows servicing stack. Microsoft stated that the inetpub folder is part of a security patch (CVE-2025-21204) and advised against deleting it, claiming that removal would not impact system performance.
Search