[ALERT] Windows Users Warned Not to Delete New ‘inetpub’ Folder Created After Security Update

Microsoft has alerted more than a billion Windows users not to remove a strange new folder, "inetpub," that appeared recently after the April 8 Patch Tuesday security patches. The surprising folder has created confusion on online forums and social media as many users questioned whether it was an error, a data collection item, or even a security threat.

Why the Folder Appeared

The new folder is one aspect of Microsoft's patch of a critical vulnerability designated CVE-2025-21204. The security flaw was discovered in the Windows Update Stack, which handles system updates. If left unpatched, the vulnerability might enable attackers to locally escalate their privileges. A hacker might, therefore, be able to gain more elevated access to a device and take unauthorized actions—constituting a serious threat to system integrity and sensitive information.

Security researchers have labeled the vulnerability as perilous, particularly for companies, since it would enable attackers to circumvent defenses and seize control of systems. Microsoft patched the vulnerability with the April 8 update, but how it was done has raised eyebrows.

Also Read:Oppo K13 5G Launching on April 21 in India: Price, Specifications Details

What the 'inetpub' Folder Is

Usually, inetpub is related to Internet Information Services (IIS), which is Microsoft's web server infrastructure. It would only show up when IIS was manually enabled from Windows Features manually. However, with the current update, the folder was created automatically on every system whether or not IIS was installed. This out-of-the-box behavior created suspicion and anxiety among the users.

Microsoft revised its security advisory on April 10 to affirm that this folder's creation was intentional and is a part of the security updates to lock down systems against the CVE-2025-21204 vulnerability. But the company did not give certain information regarding how the folder helps to mitigate the problem.

Also Read: WhatsApp HACKED: CERT-In Issues High-Severity Warning for WhatsApp Desktop Users on Windows

Microsoft's Advice: Do Not Delete

As mentioned in its advisory, Microsoft explicitly said:

After the installation of the updates… a new %systemdrive%\\inetpub folder will be added to your device… The folder should not be removed irrespective of whether Internet Information Services (IIS) is installed on the target device.

Though the absence of information regarding the precise reason for the folder is frustrating to some experts and users, security experts are in consensus that it is advisable to heed Microsoft's recommendation. Removing the folder may be capable of disrupting the security patch or future updates.

Unless further information is made public, Windows users are advised not to touch the inetpub folder, even though it seems to be empty or redundant.

Also Read: WhatsApp HACKED: CERT-In Issues High-Severity Warning for WhatsApp Desktop Users on Windows