A recent security update from Microsoft has inadvertently led to the creation of a new folder named “inetpub” on Windows systems. This folder plays a crucial role in maintaining system security, and its deletion by users can introduce significant vulnerabilities. In response to this issue, Microsoft has released a Powershell script designed to restore the “inetpub” folder along with the appropriate permissions.
According to Microsoft’s updated security advisory, systems that have installed the April security update, identified as KB5055528, require immediate action if the “inetpub” directory has been removed. The advisory emphasizes the necessity of executing the Set-InetpubFolderAcl.ps1 script to rectify the situation.
Powershell script as a workaround
The newly provided Powershell script serves as a practical solution for users facing this challenge. It not only recreates the “inetpub” directory if it has been deleted but also ensures that the directory’s permissions are set correctly. This measure is vital to prevent unauthorized access and mitigate potential vulnerabilities associated with CVE-2025-21204.
Furthermore, the script updates the access rights (ACLs) for the “DeviceHealthAttestation” directory, should it exist. This directory, introduced in certain server versions by the February 2025 security updates, also requires secure access configurations, as outlined in Microsoft’s latest security communication.
To utilize the script, users need to execute the command Install-Script -Name Set-InetpubFolderAcl. It is important to note that administrative rights are necessary to run the script effectively.
This issue came to light when IT security researcher Kevin Beaumont discovered that the deletion of the “inetpub” folder could hinder the installation of subsequent security updates while exploring the implications of the April patch day updates.
URL of this article:
https://www.heise.de/-10437124
Links in this article:
[1] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204
[2] https://www.powershellgallery.com/packages/Set-InetpubFolderAcl/1.0
[3] https://aktionen.heise.de/heise-security-pro?LPID=39555HS1L0001274169990&wtmc=disp.fd.security-pro.securitypro24.disp.disp.disp
[4] mailto:dmk@heise.de
[5] https://www.facebook.com/heiseonlineEnglish
[6] https://www.linkedin.com/company/104691972
[7] https://social.heise.de/@heiseonlineenglish
[8] https://www.heise.de/news/Microsoft-Abhilfe-fuer-Sicherheitsluecke-durch-geloeschte-inetpub-Ordner-10437103.html
Copyright © 2025 Heise Medien
