Microsoft has warned that users must not delete “inetpub” folder on Windows 11 after the April 2025 Update created it. This folder was initially assumed to be a bug in Windows 11 KB5055523 and other April 2025 cumulative updates, including Windows 10. It turns out it’s an intentional change, but Microsoft forgot to document it—until users discovered it and the confusion blew up.
On April 8, Windows Latest spotted that Windows 11 24H2 had quietly created a folder called “inetpub” out of nowhere. The “inetpub” is not a random name because it’s typically created when you use IIS (Internet Information Services) to host websites or apps on Windows 11, but it shows up on PCs even when you don’t have the folder.
Technically, as per Microsoft’s own documentation, “inetpub” folder is created and used to manage IIS (Internet Information Services) logs. When the IIS feature is turned on to develop web apps or apps, Windows creates a new directory C:inetpublogsLogFiles, so you can see the logs when locally hosting websites or apps.
After users installed KB5055523 or other April 2025 updates, they noticed a new folder empty folder, “inetpub,” with zero bytes of size in the system drive. The folder is created even when we don’t use the IIS feature. This was initially assumed to be an issue in Windows 11 KB5055523 and other updates.
However, it turns out that the “inetpub” folder has been intentionally created as part of a security patch.
Microsoft told me you’re not supposed to remove the folder even if Windows 11 allows you to. That’s because it’s linked to a security patch for a bug titled “CVE-2025-21204”, which is a flaw that allows attackers to modify the system files or folders.
“The CVE-2025-21204 security flaw is caused by an improper link resolution issue before file access (‘link following’) in the Windows Update Stack which likely means that, on unpatched devices, Windows Update may follow symbolic links in a way that can let local attackers trick the system into accessing or modifying unintended files or folders,” Microsoft noted in its advisory.
Unfortunately, Microsoft’s original advisory and other support documents failed to explain that an “inetpub” folder is will be created when you install Windows 11 April 2025 Updates, and you’re not supposed to delete it.
Today, after causing confusion among users, Microsoft finally corrected the mistake and quietly updated the support document to clearly state that the “inetpub” folder was intentionally created as part of its efforts to patch the above-mentioned vulnerability (CVE-2025-21204).
“After installing the updates listed in the Security Updates table for your operating system, a new %systemdrive%inetpub folder will be created on your device,” Microsoft noted in a support document spotted by Windows Latest.
“This folder should not be deleted regardless of whether Internet Information Services (IIS) is active on the target device. This behaviour is part of changes that increase protection and does not require any action from IT admins and end users,” the company added.
What to do if you removed the “inetpub” folder assuming it to be a bug?
There’s no need to panic if you’ve already removed the %systemdrive%inetpub folder assuming it to be an issue with Windows 11. After all, it was Microsoft’s fault that the changes in the release notes were not correctly clarified.
Regardless, if you removed the folder, we strongly recommend you reinstall the April 2025 updates.
To do this, you need to uninstall the April 2025 Update from Settings, reboot, check for updates again, and reinstall the update. In our tests, this brings back the folder and applies the security patch correctly.
If you don’t want to go through the hassle, wait for the next cumulative update, which will also include the folder.
The post Windows 11: Microsoft warns do not delete inetpub folder after causing confusion appeared first on Windows Latest
Source: Read MoreÂ
