The 'inetpub' folder, typically associated with Microsoft's Internet Information Services (IIS), is used for hosting websites and web apps, and is crucial for managing logs even for users without IIS activated.

This folder was generated as part of the April 2025 updates, which included a fix for a significant vulnerability in the Windows Update Stack.

Microsoft clarified that the 'inetpub' folder is essential for protection against this vulnerability, emphasizing its role in security enhancements.

Deleting the 'inetpub' folder compromises the security fix implemented by the April update, which addresses the aforementioned vulnerability.

Microsoft has issued a warning to Windows users about a newly created empty folder named 'inetpub' that appears after the recent April 2025 Patch Tuesday security updates.

The vulnerability, identified as CVE-2025-21204, involves improper handling of symbolic links, allowing local attackers to escalate permissions and manipulate files.

Despite its empty nature, the 'inetpub' folder serves a crucial security function, highlighting the importance of leaving it intact.

The appearance of the 'inetpub' folder has sparked confusion among users, leading some to mistakenly delete it, thinking it was unnecessary.

If users have deleted the 'inetpub' folder, they can restore it by reactivating Internet Information Services (IIS) through the Control Panel.

In response to the confusion, Microsoft is expected to improve communication regarding future changes to avoid similar misunderstandings.

The deletion of the folder allows attackers to exploit a 'link following flaw' to gain unauthorized access to the computer.

Microsoft has acknowledged that the naming of the folder as 'inetpub' may have contributed to user confusion, but it remains a critical component for system security.