New York, April 12, 2025 – Microsoft has issued an urgent advisory to Windows 11 users, warning them not to delete a seemingly innocuous, empty folder named inetpub that appeared in the root directory of their system drives after installing the April cumulative update KB5055523. The company states that this folder is integral to a critical security patch and its removal could leave systems vulnerable.
The alert follows reports from Windows 11 users who noticed the unexpected appearance of the inetpub folder on their C: drives after applying the latest update. Initial reactions led some users to believe it was safe to delete the empty directory, but Microsoft has clarified that doing so compromises a vital security fix.
The inetpub Folder: A Silent Guardian
According to an updated support document released by Microsoft today, the inetpub folder is automatically created as part of the April 2025 cumulative update (KB5055523). Its purpose is to address a high-severity security vulnerability identified as CVE-2025-21204. This vulnerability could allow attackers to exploit symbolic links, potentially leading to unauthorized access or modification of sensitive files.
After installing the April 2025 security update, all devices will automatically create the %systemdrive%\inetpub folder, Microsoft’s security team stated. This folder should not be deleted, regardless of whether IIS (Internet Information Services) is enabled.
The Consequences of Deletion
While deleting the inetpub folder might not immediately cause system instability, IT Home, a technology news outlet, confirmed through testing that removing the folder effectively disables the security patch. This leaves the system exposed to the CVE-2025-21204 vulnerability.
Recovery Steps
For users who have already deleted the inetpub folder, Microsoft recommends a specific recovery process. Simply recreating the folder manually is insufficient to fully restore the security fix. Instead, users must uninstall the KB5055523 update and then reinstall it. This process ensures that the necessary security configurations are properly applied.
Why This Matters
This incident highlights the often-invisible role of security updates in maintaining the integrity of operating systems. While the appearance of an empty folder might seem insignificant, its presence can be crucial for protecting against potential cyber threats. Microsoft’s prompt response and clear communication underscore the importance of staying informed about system updates and following official guidance.
Looking Ahead
Microsoft continues to investigate the issue and provide support to Windows 11 users. This episode serves as a reminder for users to exercise caution when making changes to their system files and to consult official documentation before deleting unfamiliar folders or files. As cyber threats evolve, proactive security measures and informed user practices remain essential for safeguarding digital assets.
References:
- Microsoft Support Document on KB5055523
- IT Home News Report: 微软提醒 Win11 用户勿删 inetpub 空文件夹,因为它与安全补丁有关 (Microsoft Reminds Windows 11 Users Not to Delete the Empty inetpub Folder, As It Is Related to Security Patches)
Views: 0