Particle.news
Download on the App Store
5 ARTICLES
·
last wk.

Microsoft Confirms 'inetpub' Folder in Windows Update as Essential Security Measure

The folder, introduced in the April 2025 update, prevents a critical vulnerability and should not be deleted, with restoration steps available for affected users.

Overview

  • The 'inetpub' folder, created during the April 2025 Windows update, is part of a security fix addressing CVE-2025-21204, a vulnerability allowing local privilege escalation.
  • Microsoft advises users not to delete the folder, as its removal compromises the security patch's effectiveness, leaving systems vulnerable to exploitation.
  • The folder appears on all systems, regardless of whether Internet Information Services (IIS) is installed, emphasizing its role as a security precaution rather than a web server feature.
  • For users who have already deleted the folder, Microsoft provides a fix: enabling IIS through the Control Panel will restore the folder with appropriate permissions.
  • Microsoft has been criticized for unclear communication about the folder's purpose, which led to user confusion and unnecessary deletions.