🔍 Summary:
Windows users who have noticed a new folder named C:\inetpub on their hard drives after installing recent security updates need not worry. The folder is part of a security measure Microsoft introduced to address a vulnerability identified as CVE-2025-21204, which could allow malware or unauthorized users to gain elevated system-level file-management privileges. The folder is created automatically whether or not the Internet Information Services (IIS) web server feature is activated, and is intended to prevent this type of security breach.
Microsoft advises against deleting the folder, emphasizing that its presence increases protection and requires no further action from users or IT administrators. The folder is set with read-only SYSTEM-level access, a precaution that blocks certain types of privilege-escalation attacks. This security strategy is implemented regardless of whether IIS is installed on the system, as the folder appears by default following the security patch installation on Windows 10 and 11.
For users who may have already removed the folder, Microsoft provides a simple fix: enable IIS temporarily via the Windows Control Panel, which will recreate the folder with the necessary permissions, and then disable IIS again if it’s not needed. Alternatively, users can manually create the folder and set the appropriate access restrictions. This proactive security measure by Microsoft aims to fortify systems against potential future exploits that could leverage the CVE-2025-21204 vulnerability, for which there are currently no known active exploits or publicly available exploit code.
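For administrators who want to confirm the state of the folder after patching or after recreating it by hand, the following read-only PowerShell check is an added example, not Microsoft's or the article's own script. The list of trusted principals (SYSTEM, Administrators, TrustedInstaller) is an assumption about what counts as acceptable write access, not Microsoft's published ACL; adjust it to local policy.

```powershell
# Added example: audit C:\inetpub. Reads the ACL only; changes nothing.
param([string]$Path = 'C:\inetpub')

# Assumption: SIDs allowed to hold write-capable rights on the folder.
$trustedSids = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464' # TrustedInstaller
)

# Rights that let a principal change the folder, its contents or its ACL,
# plus the GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits.
$fsr  = [System.Security.AccessControl.FileSystemRights]
$mask = [int]($fsr'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership')
$mask = $mask -bor 0x40000000 -bor 0x10000000

if (-not (Test-Path -LiteralPath $Path -PathType Container)) {
    Write-Warning "$Path does not exist; the folder created by the update is missing."
    return
}

$acl     = Get-Acl -LiteralPath $Path
$sidType = [System.Security.Principal.SecurityIdentifier]
$owner   = $acl.GetOwner($sidType).Value
if ($trustedSids -notcontains $owner) {
    Write-Warning "Unexpected owner: $($acl.Owner) ($owner)"
}

# Resolve ACEs as SIDs so the check works on localized Windows builds.
$findings = foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    # Inherit-only ACEs apply to children, not to the folder itself.
    if ($ace.PropagationFlags -band [System.Security.AccessControl.PropagationFlags]::InheritOnly) { continue }
    if ($trustedSids -contains $ace.IdentityReference.Value) { continue }
    if (([int]$ace.FileSystemRights -band $mask) -ne 0) {
        [pscustomobject]@{
            Sid       = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

if ($findings) {
    Write-Warning "Write-capable access granted to principals outside the trusted list:"
    $findings | Format-Table -AutoSize
} else {
    "No write-capable access on $Path outside the trusted list."
}
```

A folder recreated by hand under C:\ inherits the drive root's permissions, so findings here usually mean the access restrictions were never applied.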
📌 Source: https://www.theregister.com/2025/04/14/windows_update_inetpub/